www.hackread.com Open in urlscan Pro
67.227.194.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1...
Effective URL:
https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2A...
Submission: On May 17 via api (May 17th 2021, 12:35:52 am UTC) from SG

Summary HTTP 129 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 129 HTTP transactions. The main IP is 67.227.194.195, located in United States and belongs to LIQUIDWEB, US. The main domain is www.hackread.com.
TLS certificate: Issued by R3 on April 5th 2021. Valid for: 3 months.

This is the only time www.hackread.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
42	67.227.194.195 67.227.194.195	32244 (LIQUIDWEB) (LIQUIDWEB)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	54.194.230.135 54.194.230.135	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
129	20

2 199.60.103.2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 67.227.194.195 (United States)

ASN32244 (LIQUIDWEB, US)

www.hackread.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.230.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-230-135.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	hackread.com www.hackread.com	744 KB
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	611 KB
19	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	89 KB
7	google.com 4 redirects adservice.google.com www.google.com	810 B
5	googletagservices.com www.googletagservices.com	171 KB
4	gstatic.com fonts.gstatic.com	70 KB
3	google.de adservice.google.de www.google.de	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	revcontent.com trends.revcontent.com	2 KB
2	gravatar.com secure.gravatar.com	11 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	4 KB
1	googleadservices.com partner.googleadservices.com	642 B
1	googletagmanager.com www.googletagmanager.com	35 KB
129	15

	Domain	Requested by
42	www.hackread.com	go.recordedfuture.com www.hackread.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.hackread.com pagead2.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.hackread.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	www.google.com	4 redirects www.hackread.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.hackread.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	trends.revcontent.com	www.hackread.com trends.revcontent.com
2	secure.gravatar.com	www.hackread.com
2	cdnjs.cloudflare.com	www.hackread.com
2	go.recordedfuture.com	1 redirects
1	www.google.de	www.hackread.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.hackread.com
129	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.ipvanish.com
en.wikipedia.org
pinterest.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
www.hackread.com R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Frame ID: 3289FA860F7EA1BAA4BFD9802DEF5C35
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: CB81C2AF05C0E1C75244679336084FBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90
Frame ID: D114E45DA8A8AD31B06D6098955474F4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98
Frame ID: D718228742CBB76F4C61E569BC7D9C9F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103
Frame ID: 8B415C795146C094960421AADA99F344
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111
Frame ID: 9A0792067E8370B6EDDB260B565BC0B9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html
Frame ID: CB8505725D31A751AF38C137DBBD2109
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 21E5283E317F016DF4EC7BFCE4C29DA9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&adk=1812271804&adf=3025194257&lmt=1621211729&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729826&bpp=2&bdt=1608&idt=2&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=39
Frame ID: 06BC32EE9E6709552372981B18C0DDB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html
Frame ID: 8ACD8CAED9FCE9501326C2166093EE46
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7B8906A20B423B8803695DB745005346
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1D70BB5F17EAE8E1DD7F807FCA9CCA98
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 09239DA7A14F981353490CF432358E1E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 099FD206C4FFDD7E23BD12F793F81627
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: F65DC54BB43753916F8B3ABCB4119788
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 24C17FC64527CA01DF18FCAFC9B365A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVf... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnp... HTTP 307
https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

129
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

1779 kB
Transfer

4400 kB
Size

7
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HackRead/

Search URL Search Domain Scan URL

URL: https://twitter.com/HackRead

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hackread/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxMxPRftuzl5qT8zV4AZH9A

Search URL Search Domain Scan URL

URL: https://www.ipvanish.com/?a_aid=58989cb68596c&a_bid=48f95966
Title: IPVanish

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Avaddon%20ransomware%20gang%3A%20%E2%80%98We%20stole%203TB%20of%20French%20AXA%20Group%20data%E2%80%99&url=https://www.hackread.com/?p=85883&via=hackread
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Axa
Title: AXA Group

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HackRead/posts/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Avaddon%20ransomware%20gang:%20%E2%80%98We%20stole%203TB%20of%20French%20AXA%20Group%20data%E2%80%99&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F&title=Avaddon%20ransomware%20gang:%20%E2%80%98We%20stole%203TB%20of%20French%20AXA%20Group%20data%E2%80%99
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/&media=https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4.jpg
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/WAK4S

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1?_ud=73e6f566-a14b-460f-85de-f05f30737bc9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

129 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_Y... Show response
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 232ms
107ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de0ec5aa13a1afa106f706929d698c2e836963f741c652ecb3326e30ef7c3c9

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:24 GMT
content-type: text/html;charset=utf-8
cf-ray: 6508c3ff7fdb1fa2-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a1958d3ab00001fa2c9b4b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 72562514-62b2-45cf-a45c-56e382ab4883
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SGmwsrmTriGWEOSYkUHxpBWHetJfC8iAKRlCXvYXF%2Bfi41bb9CWYmlkQMzkmd%2F%2BfnyG%2F1AEHTLcrNQL6MMPh43kgF2tnFrRdTkXxS4YqiXowIEwZOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=05dd9c058a8b0d2fbd7d64562456e6787562066a-1621211724; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request / Show response
www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW27...
https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6r...

89 KB
16 KB

3202ms
2894ms

Document
text/html

67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d98f3c2459c1361d3f8325fee24d63836ed73e97bc2e104781a331d5cb0e3c16

Request headers

Host: www.hackread.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1

Response headers

Date: Mon, 17 May 2021 00:35:25 GMT
Server: Apache
Link: <https://www.hackread.com/wp-json/>; rel="https://api.w.org/", <https://www.hackread.com/?p=85883>; rel=shortlink
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Expires: Wed, 16 Jun 2021 00:35:25 GMT
Content-Encoding: gzip
Content-Length: 16177
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Mon, 17 May 2021 00:35:24 GMT
location: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
cf-ray: 6508c400387d1fa2-AMS
link: <https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a1958d41e00001fa287aae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: e704f4ee-d602-42fc-8a05-28766b15f566
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=alEaybs7XPX3YCO%2FNYY1Rx5QbBvOkF1b9SLYkOwDsEyj7wGmj8ntssxisTGA37io6RUhNBWgggyWwYmGblXzCE5gA1HLbyRQzEYEtBOxq%2FMioldQCk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 4 KB
771 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto%20Slab&subset=latin&display=swap&ver=1588795865

Requested by

Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5ff65f6176a9728855bd5ffdefe5186f5247ac00a08ccba5eed97fbd1c183f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 00:35:28 GMT
server: ESF
date: Mon, 17 May 2021 00:35:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 00:35:28 GMT

GET
H/1.1 200
OK style.min.css
www.hackread.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 271ms
154ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.11
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:00:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 4788
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK styles.css
www.hackread.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 426ms
153ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:27:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 677
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK mashsb.min.css
www.hackread.com/wp-content/plugins/mashsharer/assets/css/ 46 KB
28 KB 460ms
154ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.7.9
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2021 21:42:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 28578
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 120 KB
20 KB 466ms
157ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/bootstrap.min.css?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 19883
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK mip.external.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 87 KB
18 KB 467ms
157ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/mip.external.css?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 8afc1a2899ec2d2c29c203e17c69fe00b369d1aec1634a58653208d6db298958

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 17673
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK style.css
www.hackread.com/wp-content/themes/newsgamer/ 113 KB
18 KB 473ms
160ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/style.css?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: aec82224c09d294beea4160203832ee036a5205cbf13f4614da26b4f558e497b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 May 2020 21:19:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 18556
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK media-queries.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 26 KB
4 KB 475ms
159ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/media-queries.css?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: b5b0cab3bf2be0ec59bd3b301364a639d993e99d0d526e436442065b9406067b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 3798
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK dynamic.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 508 KB
18 KB 583ms
158ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: fb0bbf07d7522a4708c0e706ffcd3f92f2e0657bde2745d67b5716d56dc89675

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 May 2021 23:21:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 18256
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK typography.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 21 KB
2 KB 632ms
156ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/typography.css?ver=1621207275
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 29684c69851d503e4dbcbf9741b727d47b5fe76076b7eef2009fc404a5ceaa54

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 May 2021 23:21:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1941
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK button-styles.css
www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 9 KB
2 KB 744ms
153ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 May 2020 11:14:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1370
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK jquery.js Show response
www.hackread.com/wp-includes/js/jquery/ 95 KB
33 KB 750ms
158ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 07:16:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 33776
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.hackread.com/wp-includes/js/jquery/ 10 KB
4 KB 746ms
154ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2016 19:13:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 4014
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK mashsb.min.js Show response
www.hackread.com/wp-content/plugins/mashsharer/assets/js/ 4 KB
2 KB 754ms
156ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2021 21:42:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1533
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 11ms
10ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 272041
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
cf-request-id: 0a1958e16100002c428294b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OxEn8kXF2c3MWWFSxyAI%2B35c7eclK8Zdk4DH693uuzSrMs8RrMXSeKoIXIayK8qzuwON69eSevsEbMZMHW4BZ1gcQw3mUaAmDZUh0w1RFKg9XMWhnPcsXPUleVWQAumlPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6508c415698d2c42-FRA
expires: Sat, 07 May 2022 00:35:28 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 12ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2266351
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
cf-request-id: 0a1958e16200002c4279187000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DfHfs2k2xxFvj0yWx2xKEQDcae%2F9ECkFOvohfblMF0oJy486pqzHiI8dCFWZRGJ46RSetSQUWj0%2BDZ%2BmbPb%2BStUaXU%2Bx5%2FaDxB2ALmZw5SfhPipIen%2B7gopaxAbdqVSxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6508c415698f2c42-FRA
expires: Sat, 07 May 2022 00:35:28 GMT

GET
H/1.1 200
OK hackread-logo.png
www.hackread.com/wp-content/uploads/2015/12/ 5 KB
6 KB 271ms
154ms Image
image/png 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2015/12/hackread-logo.png
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: c89ff58885f6c99c896f0d833df56bd3ffd048276624c7b31b934cadc9e57ee1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Thu, 19 Jul 2018 23:37:46 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 5496
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H2 200 cf728b76a63b387b11edeafcb1b9b654
secure.gravatar.com/avatar/ 5 KB
5 KB 24ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/cf728b76a63b387b11edeafcb1b9b654?s=100&d=mm&r=g
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cef751c2539d57a209824973bf2687ce2923e6b3b349b2984dbb79e9cf8e7e26

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 17 May 2021 00:35:29 GMT
last-modified: Wed, 27 Nov 2019 23:34:40 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="cf728b76a63b387b11edeafcb1b9b654.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/cf728b76a63b387b11edeafcb1b9b654?s=100&d=mm&r=g>; rel="canonical"
content-length: 4838
expires: Mon, 17 May 2021 00:40:29 GMT

GET
H/1.1 200
OK 410njbnz9ol_go1_icon.ico
www.hackread.com/wp-content/uploads/2015/12/ 37 KB
3 KB 403ms
161ms Image
image/x-icon 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2015/12/410njbnz9ol_go1_icon.ico
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: a83b6dc4e04e6e657a3c36c83d61e410ac5ef9615e0c3dfcf3c454cde68bf243

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Aug 2019 11:48:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 2909
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49888
x-xss-protection: 0
server: cafe
etag: 503174456932000003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-3-768x652.jpg
www.hackread.com/wp-content/uploads/2021/05/ 88 KB
88 KB 157ms
156ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-3-768x652.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 868ea210ca2c72e4cec557044b626ab2176d084546263617f49c9975e902b49b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 16 May 2021 19:33:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 90235
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-1-630x430.jpg
www.hackread.com/wp-content/uploads/2021/05/ 34 KB
34 KB 157ms
156ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-1-630x430.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 005cca26fed5152e1dcae725cdcea6e60d662c2ec7845b3ee005d97b1201f99c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 16 May 2021 19:58:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 34962
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-2-526x430.jpg
www.hackread.com/wp-content/uploads/2021/05/ 34 KB
34 KB 156ms
155ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-2-526x430.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: e3c434425c454a821d998b376d3602904f443c0de6c3e6821a92510f64f1e136

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Mon, 17 May 2021 00:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 34403
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H2 200 cf728b76a63b387b11edeafcb1b9b654
secure.gravatar.com/avatar/ 6 KB
6 KB 24ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/cf728b76a63b387b11edeafcb1b9b654?s=115&d=mm&r=g
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 300ecda43616d76a68644bdd74c139eb08f811ab4acd6abdc1f18a67be50c3f8

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 17 May 2021 00:35:29 GMT
last-modified: Wed, 27 Nov 2019 23:34:40 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="cf728b76a63b387b11edeafcb1b9b654.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/cf728b76a63b387b11edeafcb1b9b654?s=115&d=mm&r=g>; rel="canonical"
content-length: 5940
expires: Mon, 17 May 2021 00:40:29 GMT

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4-277x190.jpg
www.hackread.com/wp-content/uploads/2021/05/ 13 KB
14 KB 360ms
157ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4-277x190.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: c79b9878da3c51b0c78bd340bfbcde214bfc314bb430f92c1acc461abd7411b0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 16 May 2021 19:33:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 13501
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK darkside-ransomware-quits-bitcoin-servers-seize-277x190.jpg
www.hackread.com/wp-content/uploads/2021/05/ 18 KB
18 KB 358ms
155ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/darkside-ransomware-quits-bitcoin-servers-seize-277x190.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 9801df43f7a2c3d1e3d04eb22c2bf5fb17db35d9b55d0450c00c65815b5c048e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Fri, 14 May 2021 22:32:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 18216
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK ransomware-attack-cripples-largest-us-gas-pipeline-2-277x190.jpg
www.hackread.com/wp-content/uploads/2021/05/ 14 KB
15 KB 156ms
156ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/ransomware-attack-cripples-largest-us-gas-pipeline-2-277x190.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: fa269da1269d3994bf924b91deb512641df1378d2ec6070c28a6c51f8b23d2eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 09 May 2021 22:28:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 14801
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4-176x120.jpg
www.hackread.com/wp-content/uploads/2021/05/ 7 KB
7 KB 159ms
157ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4-176x120.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 180cd8e8208ef288cb3dc6d009b5a2e7f3df5854efff23d348d6b5beb1667e03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Cookie: __gads=ID=36f9d391353fc246-22d8aa9713c800d1:T=1621211729:RT=1621211729:S=ALNI_MZ3_ELieCQWUSi2OzFNnfrMjJI3Tw
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 16 May 2021 19:33:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 6693
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK darkside-ransomware-quits-bitcoin-servers-seize-176x120.jpg
www.hackread.com/wp-content/uploads/2021/05/ 8 KB
8 KB 159ms
157ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/darkside-ransomware-quits-bitcoin-servers-seize-176x120.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 9c0cbb5a374f89014dae3f9d2fe5ac86b517a059f7c150508bac13421fb5abd8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Cookie: __gads=ID=36f9d391353fc246-22d8aa9713c800d1:T=1621211729:RT=1621211729:S=ALNI_MZ3_ELieCQWUSi2OzFNnfrMjJI3Tw
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Fri, 14 May 2021 22:32:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=91
Content-Length: 7795
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK top-certifications-network-security-administrators-in-2021-176x120.jpg
www.hackread.com/wp-content/uploads/2021/05/ 4 KB
4 KB 351ms
154ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/top-certifications-network-security-administrators-in-2021-176x120.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d7ab68b8a200b0714519d7d4420ac52b7a50fcc3460d5c55eff743d26a623bb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Fri, 14 May 2021 20:03:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 3743
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK hackread-logo.png
www.hackread.com/wp-content/uploads/2015/12/ 5 KB
6 KB 166ms
160ms Image
image/png 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2015/12/hackread-logo.png?x62286
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: c89ff58885f6c99c896f0d833df56bd3ffd048276624c7b31b934cadc9e57ee1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Cookie: __gads=ID=36f9d391353fc246-22d8aa9713c800d1:T=1621211729:RT=1621211729:S=ALNI_MZ3_ELieCQWUSi2OzFNnfrMjJI3Tw
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Thu, 19 Jul 2018 23:37:46 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 5496
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK scripts.js Show response
www.hackread.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 163ms
162ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.9
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:27:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 4039
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK ta.js Show response
www.hackread.com/wp-content/plugins/thirstyaffiliates/js/app/ 10 KB
3 KB 153ms
153ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.10.2
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 31c020e98d623d9d86a904d64f4b923726a1ab664bff40a7550866ea2d4f5e03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jan 2021 11:44:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 2584
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.hackread.com/wp-content/themes/newsgamer/assets/js/ 36 KB
10 KB 161ms
156ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/js/bootstrap.min.js?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 9745
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK mip.external.min.js Show response
www.hackread.com/wp-content/themes/newsgamer/assets/js/ 135 KB
42 KB 167ms
163ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/js/mip.external.min.js?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: cd605c7d4107ef5b9d511b13cb1e053db59d2daa7df99e1e5754e54c0c7cec87

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 42900
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK functions.js Show response
www.hackread.com/wp-content/themes/newsgamer/assets/js/ 17 KB
5 KB 159ms
154ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/js/functions.js?ver=3.1
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: afe9c8752a20b726104d37ce2f099e89eba3b62bb31a3307c5a9bbf9de3c2e2d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 4438
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.hackread.com/wp-includes/js/ 1 KB
1 KB 161ms
156ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/js/wp-embed.min.js?ver=5.2.11
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:00:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 739
Expires: Tue, 17 May 2022 00:35:28 GMT

GET
H/1.1 200
OK form.js Show response
www.hackread.com/wp-content/plugins/akismet/_inc/ 700 B
715 B 158ms
158ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Cookie: __gads=ID=36f9d391353fc246-22d8aa9713c800d1:T=1621211729:RT=1621211729:S=ALNI_MZ3_ELieCQWUSi2OzFNnfrMjJI3Tw
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 13:57:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=93
Content-Length: 318
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.hackread.com/wp-includes/js/ 2 KB
1 KB 154ms
153ms Script
application/javascript 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/js/comment-reply.min.js?ver=5.2.11
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:00:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=93
Content-Length: 1044
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 42ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36230183-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a43ea9ee8c8781ee4b336bd35c48a0733ffa1bbafe5af97b312340173344acec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35636
x-xss-protection: 0
last-modified: Mon, 17 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H/1.1 200
OK dashicons.min.css
www.hackread.com/wp-includes/css/ 46 KB
28 KB 155ms
154ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-includes/css/dashicons.min.css
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Connection: keep-alive
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:00:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 28487
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 86 KB
13 KB 156ms
155ms Stylesheet
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Connection: keep-alive
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 May 2020 11:14:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 12863
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK dynamic.css
www.hackread.com/wp-content/themes/newsgamer/assets/css/ 64 KB
64 KB 254ms
157ms Image
text/css 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Connection: keep-alive
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 May 2021 23:21:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 18256
Expires: Wed, 16 Jun 2021 00:35:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto%20Slab&subset=latin&display=swap&ver=1588795865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hackread.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 341517
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 13 May 2022 01:43:32 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/fonts/ 43 KB
44 KB 170ms
154ms Font
x-font/woff 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.hackread.com
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Connection: keep-alive
Origin: https://www.hackread.com
Referer: https://www.hackread.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 May 2020 11:14:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: x-font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 44427
Expires: Wed, 16 Jun 2021 00:35:28 GMT

GET
H/1.1 200
OK vertical-right-shadow.png
www.hackread.com/wp-content/themes/newsgamer/images/ 3 KB
4 KB 254ms
160ms Image
image/png 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/images/vertical-right-shadow.png
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: dfbf744b87270c5e4148371216220d1421d01dfdbf7ad35afff64763cb852484

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Connection: keep-alive
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Thu, 19 Jul 2018 21:18:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 3353
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H/1.1 200
OK top-left-shadow.png
www.hackread.com/wp-content/themes/newsgamer/images/ 2 KB
2 KB 254ms
157ms Image
image/png 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/images/top-left-shadow.png
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 3329ee5bb1edc52b18015e9bdedd275415080788f9c1fdd7165bca609874c9c5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
Connection: keep-alive
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/dynamic.css?ver=1621207275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Thu, 19 Jul 2018 21:18:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 1877
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H3-29 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v13/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto%20Slab&subset=latin&display=swap&ver=1588795865

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a693ec553fed00d0a2992eb32b82b250e7c64ef7928c117d4c0949b62d4dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hackread.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:04:05 GMT
server: sffe
age: 52311
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19252
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Origin: https://www.hackread.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
2 KB 214ms
72ms Script
text/html 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=3420&t=rc_447&c=1621211729371&width=1600&referer=https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-230-135.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

13af7fafce9aec6f8a24870535c592ab2a47c557c166d1ed91ff0d1fda8b117c

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.hackread.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1380

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ 223 KB
82 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675825324474978&plah=www.hackread.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
server: cafe
etag: 12558658968377452156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame CB81 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 16 May 2021 20:24:49 GMT
expires: Sun, 30 May 2021 20:24:49 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 15040
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
642 B 259ms
78ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hackread.com&callback=_gfp_s_&client=ca-pub-3675825324474978

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675825324474978&plah=www.hackread.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

386e90187892e4197810ec744a78a68a487d6899ff6d378b26ae7f5aec64f190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hackread.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hackread.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D114 58 KB
20 KB 193ms
192ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

814f42691853c7f9ba005308030f114ebc2bfc863c367091645b3fddca62ec97

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnn-Km8z_ACFTnkuwgdIwEBCw&gqi=UbqhYLW8HuyI7_UPtZG2wA8&layout=/sadbundle/%24csp%253Der3%24/12446439910036996096/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnn-Km8z_ACFTnkuwgdIwEBCw&gqi=UbqhYLW8HuyI7_UPtZG2wA8&layout=/sadbundle/%24csp%253Der3%24/12446439910036996096/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 May 2021 00:35:29 GMT
server: cafe
content-length: 20189
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 00:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D718 58 KB
20 KB 497ms
496ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0004c51e30a86b9a6001d7225cf32723ad1dbbd76d1dcd0634982f0e588731b4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN7G-am8z_ACFVH-uwgdwJsBGQ&gqi=UbqhYM-VH8nH7_UPvceeqAo&layout=/sadbundle/%24csp%253Der3%24/12446439910036996096/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN7G-am8z_ACFVH-uwgdwJsBGQ&gqi=UbqhYM-VH8nH7_UPvceeqAo&layout=/sadbundle/%24csp%253Der3%24/12446439910036996096/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 May 2021 00:35:29 GMT
server: cafe
content-length: 20145
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 00:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:29 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B41 60 KB
22 KB 530ms
529ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e4f06e8f6d650b78e5b4a0205b9ebbf0a6790feecb1fdd486bf7a57f2c4e9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 May 2021 00:35:30 GMT
server: cafe
content-length: 22835
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 00:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:30 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A07 60 KB
22 KB 291ms
291ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f79a45e5222c53267aa860f2183f55c645d92d9cac7a84d2bdcce1cc42a9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 May 2021 00:35:29 GMT
server: cafe
content-length: 22713
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 00:50:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:29 GMT
cache-control: private

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.hackread.com/wp-content/themes/newsgamer/assets/fonts/ 75 KB
76 KB 249ms
156ms Font
font/woff2 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/mip.external.css?ver=3.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.hackread.com
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/mip.external.css?ver=3.1
Connection: keep-alive
Origin: https://www.hackread.com
Referer: https://www.hackread.com/wp-content/themes/newsgamer/assets/css/mip.external.css?ver=3.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 21:18:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=10368000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Expires: Tue, 14 Sep 2021 00:35:29 GMT

POST
H2 404 serve.js.php Show response
trends.revcontent.com/ 0
454 B 83ms
83ms XHR
text/html 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=3420&t=rc_447&c=1621211729371&width=1600&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email&site_url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=3420&t=rc_447&c=1621211729371&width=1600&referer=https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-230-135.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: https://www.hackread.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0

GET
H/1.1 200
OK avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4.jpg
www.hackread.com/wp-content/uploads/2021/05/ 37 KB
37 KB 157ms
153ms Image
image/jpeg 67.227.194.195
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hackread.com/wp-content/uploads/2021/05/avaddon-ransomwarefrench-insurance-axa-3tb-data-stolen-4.jpg
Requested by: Host: www.hackread.com
URL: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.227.194.195 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 4a7913eae47a8ce1a2b6f607d1b1ca19191c8a3c270c7bad5882e805e4a39b55

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.hackread.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
Connection: keep-alive
Referer: https://www.hackread.com/avaddon-ransomware-french-insurance-axa-data-stolen/?utm_medium=email&_hsmi=127595845&_hsenc=p2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg&utm_content=127595845&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:35:29 GMT
Last-Modified: Sun, 16 May 2021 19:33:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=92
Content-Length: 37878
Expires: Tue, 17 May 2022 00:35:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame D114 2 KB
1 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:24:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D114 117 KB
36 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame D114 13 KB
6 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:16:45 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame CB85 181 KB
26 KB 19ms
10ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47588c62570f493913955e4db8ef2ffdcaea17db9586cb191b8cd23f86b9b2bb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12446439910036996096/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 11 May 2021 07:30:12 GMT
expires: Wed, 11 May 2022 07:30:12 GMT
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 24887
age: 493517
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D114 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHnuBUbqhYOn6HrnI7_UPo4KEWNOs9uJizIDVxdcNmujS4LIBEAEg-Jq4HmCVAqAB1NDQlwPIAQmpAs6P_jB0YLQ-qAMByAMCqgSSA0_Q2lYsY2sTgE3BAb5ENnYDR9KWF8lX1eHrFcEY7yLMLgdG63L8Hw5y7YUBoRrSLO13tCvGx54jiZICGECJZjwwzLPgHOQinq5Yj7nYFViY0CigyCqq8sv_2USxbRnBUsua7dr4YxJEBhxMsxYDdXSo_HkM80NasUKIkHKngMArwLiIDcQ5G2f53weTY2b8C4_Tjm_CsclQBmhCLKsQ2hZwjPNBs4saXIqPzAI3r9prOC_JF1OgCpp2p5ezoybDp58iKsTHArDqxJizG1aTS1XJZQc1VsPdmBTYXJ1EcWAcWZ5RkH4Rb6FUj7mK5M9qfKnOA3Z9SWKdvf8EW66SNsRAPIfy46jg1qKGr-NB506LJfnJi0Z5LjbsLeWtiSBiaDgAe9rfraU7mGWpZDsA1SUOStvbSvhjagIIBgHhpC21hQdh6euheckVCVuEBPNx2BZOnH1Q6CbY6Z6g-Odm7htvsWtu6Ib74UsdOvUsoSa5vuj-vHrkOro06M0bGLUAqWWEb2Tepjx8DBBdEimdrcH_5sAEoduM7okDkgUECAQYAZIFBAgFGASgBl2AB8v_3GyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ5fET0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTM2NzU4MjUzMjQ0NzQ5Nzg&sigh=jCYlJpB_vrI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 17 May 2021 00:35:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:29 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21E5 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=4017573127&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729400&bpp=5&bdt=1182&idt=71&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4524932979980&frm=20&pv=2&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=291&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pElC1LFLmW&p=https%3A//www.hackread.com&dtd=90

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 23:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2299
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&tn=DIV&cls=imageHolder&ign=false

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hackread.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hackread.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06BC 0
16 B 63ms
62ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&adk=1812271804&adf=3025194257&lmt=1621211729&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729826&bpp=2&bdt=1608&idt=2&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=39

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3675825324474978&output=html&adk=1812271804&adf=3025194257&lmt=1621211729&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729826&bpp=2&bdt=1608&idt=2&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=39
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36230183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 517
date: Mon, 17 May 2021 00:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 02:26:52 GMT

GET
DATA 200
OK truncated
/ Frame D114 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 060c02b4ff758b513229a1cfd8e8a5f94e08c8c94fd8c8eb50f7d6a01e72637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame CB85 2 KB
566 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 00:01:09 GMT
server: ESF
date: Mon, 17 May 2021 00:35:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 00:35:30 GMT

GET
H3-29 200 12974621997242112035
tpc.googlesyndication.com/simgad/ Frame 9A07 34 KB
35 KB 26ms
10ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12974621997242112035?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkmw01TSPVco6Vdj-WHnMZA6nmjuw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e1a8295b37d834071ccb41155fbe01d3fab48770dec4e9be8bd9f5963e7ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:35:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:52:46 GMT
server: sffe
age: 291582
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35327
x-xss-protection: 0
expires: Fri, 13 May 2022 15:35:48 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 9A07 17 KB
7 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:25:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9A07 2 KB
1 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:24:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A07 117 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9A07 13 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:16:45 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9A07 25 KB
10 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:21:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A07 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfmDwUbqhYOTVIJLL7_UP1qmLgAOwkvXiYufp7I7JDaTn8u2VAhABIPiauB5glQKgAYeiqdwCyAECqAMByAPJBKoEkwNP0JyMbCatZ5ZEKkmiR9ZRGmQwxCE94YqfUZSmeVU8m0ghs1oFcgMhu0PRTrTKtFxuaFGYv-3t0bnO6FSZXf73wJUvlKafxHY_x2yEUvdSuL_n3MrOaWHSYCFSYMQtn1l5cY7KMdO-hnD_vU9oLbXii2aShtAB0gSr1J5RPoYE3fD6Wr4buH9_PEAHZufct4y67gWlHYU8e0uN8lxWSsz4kDXpN-O59EnQXcECzo2GoSjb-EgNDb7Z_RT2vl4u3rQo-032FMZIkXDJ_I2QPX8Vm9WtOgAzHGkZcCHt7uLl0FWhKLLeLb0NXy5J-EFtIwdumy1K0-UifQakf_cQptyqIY1JEv947rpplncBKqgr0mxI23oqjEPS3PaLvm9hDPfHaTpoA0zIssIVdvqah0S28PZypZSJjTAty0LE3qDyxbKtg8macBPSiJ2avWxLCMOl1uLKflgLm5o71JG-z0Cq6OrtsTlR03DxY3kXYAhoJIrMEL4wCdVKKm8Ot9h8sL3pspcOPgtRYmQ7P0ZgbUDO9vHjwATrq5jcjwOSBQQIBBgBkgUECAUYBKAGAoAH2P343QGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ4p8G0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTM2NzU4MjUzMjQ0NzQ5Nzg&sigh=bFLeoDnDmQw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 17 May 2021 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1619688195&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Avaddon%20ransomware%20gang%3A%20%27We%20stole%203TB%20of%20French%20AXA%20Group%20data%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=174100817&gjid=574283865&cid=604263973.1621211729&tid=UA-36230183-1&_gid=182311018.1621211730&_r=1&gtm=2ou5c1&z=1205363752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hackread.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CB85 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CB85 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:11:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-36230183-1&cid=604263973.1621211729&jid=174100817&gjid=574283865&_gid=182311018.1621211730&_u=YAhAAUAAAAAAAC~&z=1272664518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 00:35:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.hackread.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
13ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 01:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame D718 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:24:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D718 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame D718 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:16:45 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame 8ACD 181 KB
24 KB 9ms
9ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47588c62570f493913955e4db8ef2ffdcaea17db9586cb191b8cd23f86b9b2bb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12446439910036996096/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 11 May 2021 07:30:12 GMT
expires: Wed, 11 May 2022 07:30:12 GMT
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 24887
age: 493518
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D718 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C30QcUbqhYJ7aH9H87_UPwLeGyAHTrPbiYsyA1cXXDZro0uCyARABIPiauB5glQKgAdTQ0JcDyAEJqQLOj_4wdGC0PqgDAcgDAqoElQNP0Dz5Z3wMfJMLWrJo9a36rZa0edsSY1fyFXUpG677T4IvN9YcOV_MMl5QSvmGsBLnwTFpEkZy2W7CGcORIogLL6Q0tCpUOVpSIWLXVZGxSaqsvlIjvaOsEKE9c7gP2n6jliIpFklo1fdvMfNs34nq4OrUIPPAdqEeN_RYoMYIGMkvtVL9K0JhJtm8M66SdiTz6Nh7DfB8NGy5IIKp8Ii388_iPHyj5Nu6KKq1ZyWt5HjSZiiwRmm4gJQo03j1komJK3pHOLOE7HVPgFI0l1oMQyEDOGHwhmhMX2tf4H4nAtUJ_TyQknMDxJyF0QqZ_S-QiYFGOssfjYiB5--U9ku_5aLyPHK7oXIYacXsK2rXXsfxGufWHpzgdPfwjp3_K1d3aCFJRH20cL_R3vRPnXJyQXFL0PVDVp1KeuTIoPssmDBzMhRCDL1MNnST0qd8e_tWQ-rPWLZ88oSNjfGBs8HaXF5eV2XGLT9AOnR6PtPlVGYNejdYS2UZ3kG2BHzxp_gp5p6ytqeQLsXZusMmMFOCnJOKBrvABKHbjO6JA5IFBAgEGAGSBQQIBRgEoAZdgAfL_9xsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELvNEtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0zNjc1ODI1MzI0NDc0OTc4&sigh=lJBpOFnglAY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 17 May 2021 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B89 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 23:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D70 143 B
163 B 7ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 23:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9A07 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e93889c529ef2fe00b9e4ab5bf25318402c7d3065d0649a84a558ca90fb534b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 2352380420852053461
tpc.googlesyndication.com/simgad/ Frame 8B41 43 KB
43 KB 15ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2352380420852053461?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnojEwhfxOnuA0G1N1WYrYB6Ww2Bg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:27:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2020 09:02:59 GMT
server: sffe
age: 155273
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44007
x-xss-protection: 0
expires: Sun, 15 May 2022 05:27:37 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 8B41 17 KB
7 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:25:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 8B41 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:24:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B41 117 KB
36 KB 35ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 8B41 13 KB
6 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:16:45 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 8B41 25 KB
10 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:21:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B41 0
0 45ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca2eiUbqhYNaPIITP7_UPx8avuAzoxbm5YrXWi6rgDZXi2vqxCRABIPiauB5glQKgAcbB_pMDyAECqAMByAPJBKoElgNP0Dy_Pdwf6Ovhrd6E9-FldU6MshqVNJmHINch_7MFqqWIuQljtHDCpz3rBuZYPamIDyil8PPFH9peuL327c4nvaEHneFtDjjbgY28_ekRm_xBRrwvKUgB4OwNhMTYlk3Vo6vDPCVn5d1IC7yrXhPdR67Sn01Tbe5tmNnYP9ISVPCZt7wrafsV4JWDt0gD9lHbkgKKLtMhaLFBgrFXNoKtAPvxatcQ6bjxeHKMx3YuOFAuaLHx3cEvxmwOD8cZpTeGqZiGSERf40naid9kRqPQxxS8kasmc6uy0f4qA5lLjXbx19Ut9SuEUMamk_DkAQ7lYqYo6OQqYZRMC6Bw1J527UVNM0vculeEThS50v-h3EfkUhL5LLmkxmCqZalRS0VgK3DHC_i7R3BUOvE1ZruMUebavPz_PvaDkfdOiGfncfZQmue2f087LtKIQ1i2yoxdAHFay057RFe4vJoCYKwKYfmLpZv2MYksX8WYW6rL_9ptdsblR4ec4FAxBlRJYWyG36VV0MSyICelMQeS-J8MYlNxmxkVwAT5ofrU0QOSBQQIBBgBkgUECAUYBKAGAoAHor6BbKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCk1AvSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMzY3NTgyNTMyNDQ3NDk3OA&sigh=Fre5OyNbXIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 17 May 2021 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 28ms
25ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-36230183-1&cid=604263973.1621211729&jid=174100817&_u=YAhAAUAAAAAAAC~&z=945930147

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-36230183-1&cid=604263973.1621211729&jid=174100817&_u=YAhAAUAAAAAAAC~&z=945930147

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame CB85 18 KB
18 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
age: 75530
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
expires: Mon, 16 May 2022 03:36:40 GMT

GET
DATA 200
OK truncated
/ Frame D718 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c05306de7c700fb4198e29b35226bdabae6cc9cd2ac42470bf9011926cde7a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0923 143 B
163 B 15ms
13ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 23:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8B41 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01e9ae6ee5a4bd6ca7f8241556829aa1fd5b3e93ef17f9693314eb6e9ebacb68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 8ACD 2 KB
566 B 32ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 22:49:39 GMT
server: ESF
date: Mon, 17 May 2021 00:35:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 00:35:30 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8ACD 16 KB
6 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8ACD 26 KB
10 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 May 2021 23:11:01 GMT

GET
H3-29 200 Microsoft-logo_rgb_c-gray-s.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame CB85 9 KB
9 KB 15ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/Microsoft-logo_rgb_c-gray-s.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38a3671f996c113b463521575ad555cee1b7c36191326fbde2b03cba590b17be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9558
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 Grover_Logo_SoftBlack_RGB.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame CB85 4 KB
4 KB 18ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/Grover_Logo_SoftBlack_RGB.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

384303a22e22f4ea69565c900f857e40e2137df258856946daf32e6c17ab3b74

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4047
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 gradient.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame CB85 8 KB
8 KB 18ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/gradient.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce47a338f176113a2af0389aee6724730e0a65673060d045c6174c451737093a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7756
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 1-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame CB85 90 KB
90 KB 18ms
11ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/1-1.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b877278e870c47aa303fcaea7cf0fa9f5c2c559570dd857314588999dc11a9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92432
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B89
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=504182354&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729405&bpp=2&bdt=1187&idt=93&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5LEcg885MP&p=https%3A//www.hackread.com&dtd=98

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 01:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 01:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 099F 14 KB
6 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=1862161395&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=106&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=4635&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xSBAMWpVQ3&p=https%3A//www.hackread.com&dtd=111

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame 8ACD 18 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
age: 75530
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
expires: Mon, 16 May 2022 03:36:40 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0923
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

26ms
25ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 17-May-2021 01:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 00:35:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 May 2021 00:35:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame F65D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675825324474978&output=html&h=250&slotname=3421156210&adk=1690305034&adf=505955919&pi=t.ma~as.3421156210&w=300&lmt=1621211729&psa=0&format=300x250&url=https%3A%2F%2Fwww.hackread.com%2Favaddon-ransomware-french-insurance-axa-data-stolen%2F%3Futm_medium%3Demail%26_hsmi%3D127595845%26_hsenc%3Dp2ANqtz--Tfq3PGN4CSrZ_d3pf7u2b2IB3EJku9p_kP5Bj5H3DRxFznF6F1yavomWbJvxmw-Rd7zM6rhQru5JFvdh71VvfA0qxRg%26utm_content%3D127595845%26utm_source%3Dhs_email&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621211729407&bpp=1&bdt=1189&idt=99&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4524932979980&frm=20&pv=1&ga_vid=604263973.1621211729&ga_sid=1621211729&ga_hid=1619688195&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=531255550336000&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7KnEg148qK&p=https%3A//www.hackread.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
21ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e39c8c33976c073768a4ea70cae32c243aac2a6d709b94dedc1d86bfc5b8a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8269
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D114 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-S2xLWNIIwTLGG4i7pT9y6F7hjeIqJJREK6JJca_uqPjKitduAd02cip1qae7G_cO_ol7mydhRvnb4_EKyq1sfT9lmA6BObkHtY1zWhadalXlpxfDjWvTmI0oGw&sai=AMfl-YSsqqwcnaVI-LgiZIxlWN4urI_reIx1IysmUoDmdMl3eDDvqThSMxEcmTf3HqHA_mKymhU90xvYIKIK&sig=Cg0ArKJSzEruzJI5cEssEAE&id=lidar2&mcvt=1116&p=1026,601,1276,901&mtos=0,0,1116,1116,1116&tos=0,0,1116,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&app=0&itpl=2&adk=1690305034&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621211729494&dlt=195&rpt=79&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Microsoft-logo_rgb_c-gray-s.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame 8ACD 9 KB
9 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/Microsoft-logo_rgb_c-gray-s.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38a3671f996c113b463521575ad555cee1b7c36191326fbde2b03cba590b17be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9558
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 Grover_Logo_SoftBlack_RGB.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame 8ACD 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/Grover_Logo_SoftBlack_RGB.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

384303a22e22f4ea69565c900f857e40e2137df258856946daf32e6c17ab3b74

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4047
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 gradient.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame 8ACD 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/gradient.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce47a338f176113a2af0389aee6724730e0a65673060d045c6174c451737093a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7756
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 1-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/ Frame 8ACD 90 KB
90 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/1-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12446439910036996096/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b877278e870c47aa303fcaea7cf0fa9f5c2c559570dd857314588999dc11a9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92432
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:51:50 GMT
server: sffe
date: Tue, 11 May 2021 07:30:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:12 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 00:35:31 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 24C1 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackread.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackread.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 23:48:26 GMT
expires: Mon, 16 May 2022 23:48:26 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2825
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 24C1 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40651
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=531255550336000&bg=!EBOlE1fNAAY59bwoOfU7ACkAdvg8Wth-1COeoIXDEXDp8FcRl_4PaKOHziAJACZ6GOZguiKTvY4YbQIAAACbUgAAAA1oAQcKANvuBm-sTC8fU43RTOk62tXEaiRJdxjqnZjHKpv6qJjE0CAg3C527VX45ehP7qg91AOvdUIYX_JdhLiof4XdSWdvv2k5W7d-S4r-gLA8YkgCt4QNUg-e33oOPBN-QkQVLK2jitlRhNg6xhkwyHJxSKGiS1FRAhV8i7bxcfRZIYTb1pTpW0tGKqqwxVTpv3dWa6AEY9TXkOfPuDC1xWrBGZrPdi_vyPho5nLH_N8fKx00mae1gHja10U0i77idmdo9nlhXGI-yHx_yl8TXctPL-W0WWM2AhbBeWOSkASZAkPhvLlIA5nqQ3siNW615vjSqo-cT9o9I7d2G82E6nhfCAnA4uVxs_9d4IPtWpXypczbj4Zm8xZun3fgmuck3oZjRyDcWIgjma_UYpnXppgLw8pq3mT4jmhvzTDsujLCx5VpWtM6byLuMJq7JUdMdc9yYjqBGHkh5a-dInfs_H4UUkaaXeEaOmW48AVWZIEYsfs9VEdw4OtunEe3u01diObuTHld4jgZqSkXwHMDUkhQN0obw3P6QJsHFy1QOx-eq2Vr3h9RF6AxmGl1-5pKSmiDLNhcnD5tKscBgqhR7uaqnryBk8zF723LIFBA_A3ZU4rAIwjxix53v9hjCbxxNqVb69mnizd8xhiOdS34EOSfDg2KiaSYSyCFlDKTOI00r0foVIQxBeZJydmqg_9paeS7pgu3-BYNnSIRvWwmRHYoIRBzZyBUtfQdZqyugTQYju93xdp1U5o35NZy8p9OzYPpJ7xl7PGhE8eULdmCZOtXXGtjWD6pYkq9oZ7iTOtgJkoaRFQDHBByaNXtTzlxVzGIy8Zz3RSYe7i2RjCK87rwbqRFFUFCs66bwC_oHBZzvarQD059-rpTuf4iS_gezNvAm1HJ_oJr4MWe18FKMk6N0rZfX3F2FneqRuf7b2d8wXzLvIXr0aw6LdHh506cqmz6YfYPFP6ACHp18XMQRAqgBn4B6UmclFjPYXnj-561RXfd5QB0KxMQtC4P2Su_TKqFTBso3gtX5tltu4iYL_rCSEZkmBMMQfmhO0iWO4zyClTvTa0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackread.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:20:15	Name: DSID Value: NO_DATA
.hackread.com/	1970-01-19 18:20:11	Name: _gat_gtag_UA_36230183_1 Value: 1
.hackread.com/	1970-01-19 18:21:38	Name: _gid Value: GA1.2.182311018.1621211730
.hackread.com/	1970-01-20 11:51:23	Name: _ga Value: GA1.2.604263973.1621211729
.doubleclick.net/	1970-01-20 03:41:47	Name: IDE Value: AHWqTUl0Yipiy5u4gLqFK1rYpwqnNHUNWT1zEWVxkJV1D0_6lAF33_6kK4Sya7TAVtw
.doubleclick.net/	1970-01-19 18:20:12	Name: test_cookie Value: CheckForPermission
.hackread.com/	1970-01-20 03:41:47	Name: __gads Value: ID=36f9d391353fc246-22d8aa9713c800d1:T=1621211729:RT=1621211729:S=ALNI_MZ3_ELieCQWUSi2OzFNnfrMjJI3Tw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VWS95s2H3n_2W1dq3Pc63TpVbW7Kkhd54rGWqdN1zSXsX3lGnpV1-WJV7CgMztN5ZYLVfR6TnNW2_h2D75D7YdRW1DBN8Z8w7-FjW4CBDH56yBfb3W32QTcY7MqmXkN988_NfCQ0ZfW276md781sd8VN5Gkt5RQB7rlW2_VNyn6zqfp1W3W2FRy5Ky2yWN8gmnH_YKyNbW8sW85d2Z27_1Vg-ffl3RwNsVW6rLL_S6zxQXrW6c74HQ2dzyY9W82j7X63lB9vYW2Wzg-Z4dHVT_W5rRHFm6JWGZKW3XqxS47z93s8W8pyGlC5ZrtlmVLCGcY3D1CJtW61D5CF3hfXx9W5k9YlC6VkyDXW3J9rPJ7vhPTcN3Fl7Bn9wYBLVNkTKR8JmRf-39Hq1(Line 13) Message: toS
console-api	log	URL: https://www.hackread.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://www.hackread.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9(Line 1) Message: not rate limited: 1621211755

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
secure.gravatar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trends.revcontent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.hackread.com
199.60.103.2
216.58.212.130
2606:4700::6810:125e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9c
2a04:fa87:fffe::c000:4902
54.194.230.135
67.227.194.195
0004c51e30a86b9a6001d7225cf32723ad1dbbd76d1dcd0634982f0e588731b4
005cca26fed5152e1dcae725cdcea6e60d662c2ec7845b3ee005d97b1201f99c
01e9ae6ee5a4bd6ca7f8241556829aa1fd5b3e93ef17f9693314eb6e9ebacb68
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
060c02b4ff758b513229a1cfd8e8a5f94e08c8c94fd8c8eb50f7d6a01e72637f
09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13af7fafce9aec6f8a24870535c592ab2a47c557c166d1ed91ff0d1fda8b117c
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180cd8e8208ef288cb3dc6d009b5a2e7f3df5854efff23d348d6b5beb1667e03
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
29684c69851d503e4dbcbf9741b727d47b5fe76076b7eef2009fc404a5ceaa54
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b877278e870c47aa303fcaea7cf0fa9f5c2c559570dd857314588999dc11a9d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
300ecda43616d76a68644bdd74c139eb08f811ab4acd6abdc1f18a67be50c3f8
31c020e98d623d9d86a904d64f4b923726a1ab664bff40a7550866ea2d4f5e03
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3329ee5bb1edc52b18015e9bdedd275415080788f9c1fdd7165bca609874c9c5
384303a22e22f4ea69565c900f857e40e2137df258856946daf32e6c17ab3b74
386e90187892e4197810ec744a78a68a487d6899ff6d378b26ae7f5aec64f190
38a3671f996c113b463521575ad555cee1b7c36191326fbde2b03cba590b17be
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3de0ec5aa13a1afa106f706929d698c2e836963f741c652ecb3326e30ef7c3c9
47588c62570f493913955e4db8ef2ffdcaea17db9586cb191b8cd23f86b9b2bb
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4a7913eae47a8ce1a2b6f607d1b1ca19191c8a3c270c7bad5882e805e4a39b55
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5e93889c529ef2fe00b9e4ab5bf25318402c7d3065d0649a84a558ca90fb534b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
65f79a45e5222c53267aa860f2183f55c645d92d9cac7a84d2bdcce1cc42a9cc
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
6e39c8c33976c073768a4ea70cae32c243aac2a6d709b94dedc1d86bfc5b8a4c
72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
814f42691853c7f9ba005308030f114ebc2bfc863c367091645b3fddca62ec97
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
868ea210ca2c72e4cec557044b626ab2176d084546263617f49c9975e902b49b
8afc1a2899ec2d2c29c203e17c69fe00b369d1aec1634a58653208d6db298958
9801df43f7a2c3d1e3d04eb22c2bf5fb17db35d9b55d0450c00c65815b5c048e
9c05306de7c700fb4198e29b35226bdabae6cc9cd2ac42470bf9011926cde7a9
9c0cbb5a374f89014dae3f9d2fe5ac86b517a059f7c150508bac13421fb5abd8
9e4f06e8f6d650b78e5b4a0205b9ebbf0a6790feecb1fdd486bf7a57f2c4e9a6
a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b
a43ea9ee8c8781ee4b336bd35c48a0733ffa1bbafe5af97b312340173344acec
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a83b6dc4e04e6e657a3c36c83d61e410ac5ef9615e0c3dfcf3c454cde68bf243
aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61
aec82224c09d294beea4160203832ee036a5205cbf13f4614da26b4f558e497b
afe9c8752a20b726104d37ce2f099e89eba3b62bb31a3307c5a9bbf9de3c2e2d
b5b0cab3bf2be0ec59bd3b301364a639d993e99d0d526e436442065b9406067b
b6e1a8295b37d834071ccb41155fbe01d3fab48770dec4e9be8bd9f5963e7ce7
b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7
c5a693ec553fed00d0a2992eb32b82b250e7c64ef7928c117d4c0949b62d4dca
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c79b9878da3c51b0c78bd340bfbcde214bfc314bb430f92c1acc461abd7411b0
c89ff58885f6c99c896f0d833df56bd3ffd048276624c7b31b934cadc9e57ee1
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd605c7d4107ef5b9d511b13cb1e053db59d2daa7df99e1e5754e54c0c7cec87
ce47a338f176113a2af0389aee6724730e0a65673060d045c6174c451737093a
cef751c2539d57a209824973bf2687ce2923e6b3b349b2984dbb79e9cf8e7e26
d7ab68b8a200b0714519d7d4420ac52b7a50fcc3460d5c55eff743d26a623bb8
d98f3c2459c1361d3f8325fee24d63836ed73e97bc2e104781a331d5cb0e3c16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
dfbf744b87270c5e4148371216220d1421d01dfdbf7ad35afff64763cb852484
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c434425c454a821d998b376d3602904f443c0de6c3e6821a92510f64f1e136
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f5ff65f6176a9728855bd5ffdefe5186f5247ac00a08ccba5eed97fbd1c183f2
fa269da1269d3994bf924b91deb512641df1378d2ec6070c28a6c51f8b23d2eb
fb0bbf07d7522a4708c0e706ffcd3f92f2e0657bde2745d67b5716d56dc89675

www.hackread.com Open in urlscan Pro 67.227.194.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

100 %HTTPS

79 %IPv6

15 Domains

19 Subdomains

20 IPs

4 Countries

1779 kBTransfer

4400 kBSize

7 Cookies

14 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hackread.com Open in urlscan Pro
67.227.194.195 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

1779 kB
Transfer

4400 kB
Size

7
Cookies

129 HTTP transactions
5 data transactions