urlscan.io logo urlscan.io
SecurityTrails logo

mrhacker.co Open in urlscan Pro
104.21.21.162  Public Scan

Go To Rescan Add Verdict Report
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-deman...
Submission: On September 10 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 6 countries across 50 domains to perform 213 HTTP transactions. The main IP is 104.21.21.162, located in and belongs to CLOUDFLARENET, US. The main domain is mrhacker.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time mrhacker.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 104.21.21.162 13335 (CLOUDFLAR...)
2 142.250.74.130 15169 (GOOGLE)
2 142.250.74.138 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 216.58.207.232 15169 (GOOGLE)
1 192.0.73.2 2635 (AUTOMATTIC)
1 192.124.249.55 30148 (SUCURI-SEC)
13 192.229.233.25 15133 (EDGECAST)
5 173.255.249.236 63949 (LINODE-AP...)
3 151.101.112.134 54113 (FASTLY)
3 104.21.60.175 13335 (CLOUDFLAR...)
6 142.250.74.98 15169 (GOOGLE)
19 148.251.1.246 24940 (HETZNER-AS)
4 142.250.74.131 15169 (GOOGLE)
1 216.58.211.2 15169 (GOOGLE)
1 3 142.250.74.66 15169 (GOOGLE)
4 142.250.74.142 15169 (GOOGLE)
23 99.86.116.33 16509 (AMAZON-02)
8 151.101.128.134 54113 (FASTLY)
1 172.67.164.18 13335 (CLOUDFLAR...)
1 104.21.59.46 13335 (CLOUDFLAR...)
1 172.67.208.52 13335 (CLOUDFLAR...)
1 104.21.88.2 13335 (CLOUDFLAR...)
1 104.21.64.18 13335 (CLOUDFLAR...)
1 104.21.4.127 13335 (CLOUDFLAR...)
1 104.21.25.241 13335 (CLOUDFLAR...)
1 172.67.204.82 13335 (CLOUDFLAR...)
1 104.21.235.52 13335 (CLOUDFLAR...)
1 104.21.62.171 13335 (CLOUDFLAR...)
1 172.67.213.190 13335 (CLOUDFLAR...)
1 104.21.3.136 13335 (CLOUDFLAR...)
1 172.67.147.50 13335 (CLOUDFLAR...)
1 172.67.175.114 13335 (CLOUDFLAR...)
1 172.67.164.36 13335 (CLOUDFLAR...)
1 104.244.42.200 13414 (TWITTER)
8 192.243.59.12 39572 (ADVANCEDH...)
4 12 185.94.236.246 42567 (MOJHOST-EU)
1 93.184.220.70 15133 (EDGECAST)
2 151.101.114.49 54113 (FASTLY)
2 185.60.216.19 32934 (FACEBOOK)
2 142.250.74.46 15169 (GOOGLE)
2 104.16.163.13 13335 (CLOUDFLAR...)
1 185.60.216.35 32934 (FACEBOOK)
2 142.250.74.109 15169 (GOOGLE)
4 151.101.112.64 54113 (FASTLY)
5 69.16.175.10 20446 (HIGHWINDS3)
2 5 104.18.101.40 13335 (CLOUDFLAR...)
1 172.217.21.163 15169 (GOOGLE)
6 104.16.94.42 13335 (CLOUDFLAR...)
1 104.19.241.83 13335 (CLOUDFLAR...)
2 2 35.244.174.68 15169 (GOOGLE)
1 1 142.250.74.110 15169 (GOOGLE)
1 99.86.116.95 16509 (AMAZON-02)
1 1 54.76.227.154 16509 (AMAZON-02)
2 4 34.250.127.107 16509 (AMAZON-02)
1 151.101.114.137 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
213 55
35    104.21.21.162 (None, )

ASN13335 (CLOUDFLARENET, US)
mrhacker.co
2    142.250.74.130 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.74.138 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f10.1e100.net
fonts.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    216.58.207.232 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f8.1e100.net
www.googletagmanager.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    192.124.249.55 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10055.sucuri.net
noticiasseguridad.com
13    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    173.255.249.236 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li259-236.members.linode.com
www.securitynewspaper.com
3    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mrhackerco.disqus.com
referrer.disqus.com
3    104.21.60.175 (None, )

ASN13335 (CLOUDFLARENET, US)
adsxyz.com
6    142.250.74.98 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.com
19    148.251.1.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.1.251.148.clients.your-server.de
ad.a-ads.com
static.a-ads.com
4    142.250.74.131 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f3.1e100.net
fonts.gstatic.com
1    216.58.211.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f2.1e100.net
partner.googleadservices.com
3    142.250.74.66 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f2.1e100.net
adservice.google.de
www.googletagservices.com
cm.g.doubleclick.net
4    142.250.74.142 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f14.1e100.net
www.google-analytics.com
fcmatch.youtube.com
23    99.86.116.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-33.lhr61.r.cloudfront.net
c.disquscdn.com
8    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    172.67.164.18 (United States)

ASN13335 (CLOUDFLARENET, US)
egirlgirl.com
1    104.21.59.46 (None, )

ASN13335 (CLOUDFLARENET, US)
fapbest.com
1    172.67.208.52 (United States)

ASN13335 (CLOUDFLARENET, US)
nude-hot.com
1    104.21.88.2 (None, )

ASN13335 (CLOUDFLARENET, US)
porns.photos
1    104.21.64.18 (None, )

ASN13335 (CLOUDFLARENET, US)
clipsex.online
1    104.21.4.127 (None, )

ASN13335 (CLOUDFLARENET, US)
fappinghd.com
1    104.21.25.241 (None, )

ASN13335 (CLOUDFLARENET, US)
javbest.co
1    172.67.204.82 (United States)

ASN13335 (CLOUDFLARENET, US)
thesexscene.com
1    104.21.235.52 (None, )

ASN13335 (CLOUDFLARENET, US)
jav1080.com
1    104.21.62.171 (None, )

ASN13335 (CLOUDFLARENET, US)
pornbebes.com
1    172.67.213.190 (United States)

ASN13335 (CLOUDFLARENET, US)
sex4viet.com
1    104.21.3.136 (None, )

ASN13335 (CLOUDFLARENET, US)
xdultchannel.com
1    172.67.147.50 (United States)

ASN13335 (CLOUDFLARENET, US)
null88.com
1    172.67.175.114 (United States)

ASN13335 (CLOUDFLARENET, US)
phancongkhanh.com
1    172.67.164.36 (United States)

ASN13335 (CLOUDFLARENET, US)
tongdongkhue.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.effectivedisplayformat.com
12    185.94.236.246 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
1    93.184.220.70 (London, United Kingdom)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.disquscdn.com
2    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    142.250.74.46 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f14.1e100.net
apis.google.com
2    104.16.163.13 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
1    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
2    142.250.74.109 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f13.1e100.net
accounts.google.com
4    151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
links.services.disqus.com
glitter.services.disqus.com
5    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
i.jads.co
5    104.18.101.40 (None, )

ASN13335 (CLOUDFLARENET, US)
chaturbate.com
de.chaturbate.com
1    172.217.21.163 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s03-in-f3.1e100.net
ssl.gstatic.com
6    104.16.94.42 (None, )

ASN13335 (CLOUDFLARENET, US)
static-assets.highwebmedia.com
1    104.19.241.83 (None, )

ASN13335 (CLOUDFLARENET, US)
roomimg.stream.highwebmedia.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ejp.rlcdn.com
1    142.250.74.110 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f14.1e100.net
fcmatch.google.com
1    99.86.116.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-95.lhr61.r.cloudfront.net
live.rezync.com
1    54.76.227.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
4    34.250.127.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
io.narrative.io
1    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
35 mrhacker.co
mrhacker.co
534 KB
25 disquscdn.com
c.disquscdn.com
a.disquscdn.com
814 KB
19 a-ads.com
ad.a-ads.com
static.a-ads.com
2 MB
17 jads.co
poweredby.jads.co
i.jads.co
934 KB
15 disqus.com
mrhackerco.disqus.com
disqus.com
links.services.disqus.com
glitter.services.disqus.com
referrer.disqus.com
107 KB
14 twitter.com
platform.twitter.com
syndication.twitter.com
380 KB
8 effectivedisplayformat.com
www.effectivedisplayformat.com
7 highwebmedia.com
static-assets.highwebmedia.com
roomimg.stream.highwebmedia.com
93 KB
6 google.com
adservice.google.com
apis.google.com
accounts.google.com
fcmatch.google.com
42 KB
6 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
6 KB
5 chaturbate.com
chaturbate.com
de.chaturbate.com
34 KB
5 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
108 KB
5 securitynewspaper.com
www.securitynewspaper.com
125 KB
4 narrative.io
io.narrative.io
1 KB
3 google-analytics.com
www.google-analytics.com
39 KB
3 adsxyz.com
adsxyz.com
3 KB
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 rlcdn.com
ejp.rlcdn.com
idsync.rlcdn.com Failed
1 KB
2 viglink.com
cdn.viglink.com
530 B
2 facebook.net
connect.facebook.net
68 KB
2 googletagmanager.com
www.googletagmanager.com
89 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com
84 KB
2 googleapis.com
fonts.googleapis.com
3 KB
2 googlesyndication.com
pagead2.googlesyndication.com
142 KB
1 newrelic.com
js-agent.newrelic.com
16 KB
1 imrworldwide.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
140 B
1 rezync.com
live.rezync.com
1 KB
1 youtube.com
fcmatch.youtube.com
1 facebook.com
www.facebook.com
1 twimg.com
cdn.syndication.twimg.com
2 KB
1 tongdongkhue.com
tongdongkhue.com
911 B
1 phancongkhanh.com
phancongkhanh.com
921 B
1 null88.com
null88.com
937 B
1 xdultchannel.com
xdultchannel.com
1009 B
1 sex4viet.com
sex4viet.com
964 B
1 pornbebes.com
pornbebes.com
979 B
1 jav1080.com
jav1080.com
1011 B
1 thesexscene.com
thesexscene.com
1 KB
1 javbest.co
javbest.co
1 KB
1 fappinghd.com
fappinghd.com
1 KB
1 clipsex.online
clipsex.online
1 KB
1 porns.photos
porns.photos
1 KB
1 nude-hot.com
nude-hot.com
1 KB
1 fapbest.com
fapbest.com
1 KB
1 egirlgirl.com
egirlgirl.com
1 KB
1 googletagservices.com
www.googletagservices.com
27 KB
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
657 B
1 noticiasseguridad.com
noticiasseguridad.com
32 KB
1 gravatar.com
secure.gravatar.com
3 KB
213 50
Domain Requested by
35 mrhacker.co mrhacker.co
adsxyz.com
23 c.disquscdn.com mrhackerco.disqus.com
disqus.com
c.disquscdn.com
mrhacker.co
13 ad.a-ads.com mrhacker.co
tongdongkhue.com
phancongkhanh.com
null88.com
13 platform.twitter.com mrhacker.co
platform.twitter.com
12 poweredby.jads.co 4 redirects xdultchannel.com
jav1080.com
pornbebes.com
poweredby.jads.co
sex4viet.com
8 www.effectivedisplayformat.com fapbest.com
fappinghd.com
javbest.co
porns.photos
clipsex.online
egirlgirl.com
thesexscene.com
nude-hot.com
8 disqus.com mrhackerco.disqus.com
c.disquscdn.com
6 static-assets.highwebmedia.com de.chaturbate.com
static-assets.highwebmedia.com
6 static.a-ads.com ad.a-ads.com
5 i.jads.co poweredby.jads.co
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 www.securitynewspaper.com mrhacker.co
4 io.narrative.io 2 redirects mrhacker.co
4 de.chaturbate.com 1 redirects poweredby.jads.co
de.chaturbate.com
4 fonts.gstatic.com fonts.googleapis.com
3 links.services.disqus.com c.disquscdn.com
mrhacker.co
3 www.google-analytics.com www.googletagmanager.com
mrhacker.co
de.chaturbate.com
3 adsxyz.com mrhacker.co
adsxyz.com
2 bam-cell.nr-data.net de.chaturbate.com
2 ejp.rlcdn.com 2 redirects
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 cdn.viglink.com mrhacker.co
2 apis.google.com c.disquscdn.com
apis.google.com
2 connect.facebook.net c.disquscdn.com
connect.facebook.net
2 a.disquscdn.com mrhacker.co
c.disquscdn.com
2 mrhackerco.disqus.com mrhacker.co
mrhackerco.disqus.com
2 www.googletagmanager.com mrhacker.co
adsxyz.com
2 netdna.bootstrapcdn.com mrhacker.co
netdna.bootstrapcdn.com
2 fonts.googleapis.com mrhacker.co
2 pagead2.googlesyndication.com mrhacker.co
pagead2.googlesyndication.com
1 js-agent.newrelic.com de.chaturbate.com
1 obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com 1 redirects
1 live.rezync.com c.disquscdn.com
1 fcmatch.youtube.com c.disquscdn.com
1 fcmatch.google.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 referrer.disqus.com mrhacker.co
1 glitter.services.disqus.com c.disquscdn.com
1 roomimg.stream.highwebmedia.com de.chaturbate.com
1 ssl.gstatic.com accounts.google.com
1 chaturbate.com 1 redirects
1 www.facebook.com c.disquscdn.com
1 cdn.syndication.twimg.com platform.twitter.com
1 syndication.twitter.com platform.twitter.com
mrhacker.co
1 tongdongkhue.com adsxyz.com
1 phancongkhanh.com adsxyz.com
1 null88.com adsxyz.com
1 xdultchannel.com adsxyz.com
1 sex4viet.com adsxyz.com
1 pornbebes.com adsxyz.com
1 jav1080.com adsxyz.com
1 thesexscene.com adsxyz.com
1 javbest.co adsxyz.com
1 fappinghd.com adsxyz.com
1 clipsex.online adsxyz.com
1 porns.photos adsxyz.com
1 nude-hot.com adsxyz.com
1 fapbest.com adsxyz.com
1 egirlgirl.com adsxyz.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 noticiasseguridad.com mrhacker.co
1 secure.gravatar.com mrhacker.co
0 idsync.rlcdn.com Failed live.rezync.com
213 66
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
noticiasseguridad.com
Starfield Secure Certificate Authority - G2		 2021-09-05 -
2022-09-05		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
securitynewspaper.com
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
a.disquscdn.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
effectivedisplayformat.com
R3		 2021-07-21 -
2021-10-19		 3 months crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2020-11-27 -
2021-12-28		 a year crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-26 -
2022-05-28		 a year crt.sh
*.highwebmedia.com
DigiCert ECC Secure Server CA		 2019-10-02 -
2021-10-04		 2 years crt.sh
*.stream.highwebmedia.com
DigiCert ECC Secure Server CA		 2019-10-07 -
2021-10-14		 2 years crt.sh
*.rezync.com
Amazon		 2021-01-26 -
2022-02-23		 a year crt.sh
*.narrative.io
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
*.newrelic.com
R3		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 54 frames:

Primary Page: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Frame ID: 8A116E2FC7B4E7BDBB07B6340489EC75
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 48B6EEB03F2FBF2B70EAACFB09987904
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 77F786A99B1E1F5AD9023F7A2079567F
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313461?size=200x200
Frame ID: 9546995A4EB0AFEDB15DCFAF6CE9FC3C
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: F618C3AED4226B4A80120D9AF27FCA30
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 575BF13AA888ABE71DF574B0DB2BA95A
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linkxyz/index.html
Frame ID: 3D7E11CBFBB3B5A4938D0403919DE004
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313466?size=990x90
Frame ID: 38B2C18AB464034F69AD090B1A748FED
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313463?size=320x50
Frame ID: 1C44A08E50CFA715039724042EF43887
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 11300FACB93A40E4282F3EF89469C394
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 5B68C4C377F2FEA1EB48DA483FEDD48A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250423&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250418445&bpp=4897&bdt=338&idt=5137&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=5187
Frame ID: AA49AD18B5540876FB05484AB1F939D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423369&bpp=5&bdt=5262&idt=284&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BXZJVSGAEG&p=https%3A//mrhacker.co&dtd=292
Frame ID: C6185958F5F0A4716B920A55C411469A
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 6CCD70DC19714C9C6271812879ED1EC4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Frame ID: 84003C0A22938C433B74C24C4F54ECC4
Requests: 2 HTTP requests in this frame

Frame: https://egirlgirl.com/banner/adsterra_300x250.html
Frame ID: 0CC011045C2A0FA024B90BEFF4D11F6F
Requests: 2 HTTP requests in this frame

Frame: https://fapbest.com/banner/adsterra_300x250.html
Frame ID: 4C0D52BB62572BC29E485A61B4E92B31
Requests: 2 HTTP requests in this frame

Frame: https://nude-hot.com/banner/adsterra_300x250.html
Frame ID: 66C52D592CC0DB689551E55FF3CAC1CA
Requests: 2 HTTP requests in this frame

Frame: https://porns.photos/banner/adsterra_300x250.html
Frame ID: 313110E033A84BCAB02E7DE00CDC35AE
Requests: 2 HTTP requests in this frame

Frame: https://clipsex.online/banner/adsterra_300x250.html
Frame ID: DD21B04F8AA2E8711A4FF6B7AF0E91E0
Requests: 2 HTTP requests in this frame

Frame: https://fappinghd.com/banner/adsterra_300x250.html
Frame ID: 1D9F1C7FD2784F59AE222DFAA9158475
Requests: 2 HTTP requests in this frame

Frame: https://javbest.co/banner/adsterra_300x250.html
Frame ID: 25E2AE57C71C9C98AEE7AB623576F05A
Requests: 2 HTTP requests in this frame

Frame: https://thesexscene.com/banner/adsterra_300x250.html
Frame ID: E56BEAC4DCF627C57E6867E426D9EBA1
Requests: 2 HTTP requests in this frame

Frame: https://jav1080.com/banner/juicyads_300x250.html
Frame ID: 4897185460CCC4D10D317107397E9E4F
Requests: 2 HTTP requests in this frame

Frame: https://pornbebes.com/banner/juicyads_300x250.html
Frame ID: 09FFBE6BC6B7796E9B4026159E508CDC
Requests: 2 HTTP requests in this frame

Frame: https://sex4viet.com/banner/juicyads_300x250.html
Frame ID: 4E84E40474935EE210F74EC3495F00A2
Requests: 2 HTTP requests in this frame

Frame: https://xdultchannel.com/banner/juicy_300x250.html
Frame ID: B8B84C5347162227CFE2B8463B181355
Requests: 2 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: C9EF729AD28DF3D06B900E226B4EA38A
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: 17CE905CA68BBAEB365A4E1A611A27A7
Requests: 1 HTTP requests in this frame

Frame: https://phancongkhanh.com/banner/aads_300x250.html
Frame ID: 39FC0090EBE533FCAA1A5FB4804FF51B
Requests: 1 HTTP requests in this frame

Frame: https://tongdongkhue.com/banner/aads_300x250.html
Frame ID: 337955685EB3820E1CF509FA87877DB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423374&bpp=1&bdt=5266&idt=341&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=gNEuJPMBF1&p=https%3A//mrhacker.co&dtd=346
Frame ID: 415844683DC09E35D17457F6E312900C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423375&bpp=2&bdt=5268&idt=359&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Sm9bps8Od1&p=https%3A//mrhacker.co&dtd=362
Frame ID: 429A8A1DA27D7F620E77CF56E448CE54
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Frame ID: 44ECF80893292F5C4D6AF1A18BD8777B
Requests: 19 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: A1A78B6D35FD3FF8ACF09D5B91E2C3EA
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687802?size=300x250
Frame ID: 1EC84F9053074C3AFC43C842F1C05C13
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687823?size=300x250
Frame ID: 7AF8A0B237504F33FA064EE88F14C698
Requests: 3 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929956
Frame ID: 4E98E81B3484F959B51AAF7E396341AE
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929956
Frame ID: 6BA5AA0FD53F34E9CEBD750EB86084D4
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929973
Frame ID: A381C9798C2D983D5250892560BC91EA
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929973
Frame ID: BD98306F3CA2C6545A233D62050A7D39
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Frame ID: 199C15F78D041F8E2C99C4C5158923EE
Requests: 12 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Frame ID: 95264B4F0F375A3BEE323C33E0B159AF
Requests: 14 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929979
Frame ID: B287674DF853F67898DA71555FD2BA17
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929979
Frame ID: 1F326C89737423C6989C83E8B038D885
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: 4D66FB6FE9157C3B3D159D4D88BBE981
Requests: 3 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 811134EF48AA48E6628F86941BDC7635
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 05C5CBAE8F6AA25E42442FFDE813619F
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929967
Frame ID: 9E761A5C952D674E160466C33FC88965
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929967
Frame ID: 3DE3D77889C0CD12BBADCB74CDA14753
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: F23096F4DC25C46E9462AC6E94DC65CF
Requests: 3 HTTP requests in this frame

Frame: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Frame ID: 412BA0014DB02002577D397FCC34A2EA
Requests: 14 HTTP requests in this frame

Frame: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ
Frame ID: D7310DC6211DFE129B2487AE1D6CF53D
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qn4bu2ib5tep&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Frame ID: 3FC0698AFA67A89D1731CB266EF9A5CA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lockbit ransomware hacks Accenture, encrypts 2,500 computers, steals 6 TB of data and demands $50 million USD ransom | MrHacker

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

213
Requests

97 %
HTTPS

0 %
IPv6

50
Domains

66
Subdomains

55
IPs

6
Countries

5709 kB
Transfer

8864 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 114
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 125
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 178
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 194
  • https://chaturbate.com/in/?track=xdultchannel&tour=x1Rd&campaign=NcAyU&c=1&p=0&gender=f HTTP 302
  • https://de.chaturbate.com/in/?c=1&campaign=NcAyU&track=xdultchannel&gender=f&p=0&tour=x1Rd HTTP 302
  • https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Request Chain 213
  • https://ejp.rlcdn.com/501709.html HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCPrP64kGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWcyM2FEaWs1dVM1MkNEd2VEZk1xNWFWSGxRemdtY05Pb2RRMWlHaHVRMA==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AAAAAGSIF5C5URCFD4GJsIJIUIAEXwFAAAGAgBgQBA4AACBCAEAwEkAAAEAAAIAAAAAAAIAIAAAAACAkAAAAAQIAAIQAAAAQAIAAAIAIACAAAEAAAAAgAAoAQEAAAAAAAAAAAgAAAAAYAQMkQLyFyoiEKGwMDQQCQoQAIigKAAAMBADAACBgAAECEAIBgJIAAAAAAAQAAAAAAAQAQAAAAAABIAAAAAgQAAQgAAAAgAQAAAQAQAEAAAIAAAABAABQAgAAAAAAAAAAABAAAAAAwAgAA.YAAAAAAAA4AA HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ
Request Chain 215
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac13qn4bu2ib5tep HTTP 302
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=f189b8f0-11f4-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep
Request Chain 216
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=f1860f70-11f4-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Request Chain 220
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=6030769929203125969 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3%3A1631250426.28&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc13qn4bu2ib5tep HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep
Request Chain 221
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3%3A1631250426.28&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316022945603513 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep

213 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
mrhacker.co/malware/ 		107 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cad4d2706759da473a781f88e9a39db97003858b646a2d30e87a3ca49b1291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-cf-powered-by
WP Rocket 3.3
link
<https://mrhacker.co/wp-json/>; rel="https://api.w.org/" <https://mrhacker.co/?p=50640>; rel=shortlink
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aqleSniHSA%2BU%2B4nWQAWnwRUiveTNIcwXdU7lYQD9ipT2wCkRsJVp0fFW5ULwQuq3qP2Z%2BggU882nKbD%2BFx%2FGJlXzmY8hJwoB700JxlIhpmHMW7v5Gu%2B176AbzSkhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c62141bbdcee79-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49407
x-xss-protection
0
server
cafe
etag
15848656404417496526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:06:58 GMT
style.min.css
mrhacker.co/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117848
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrJ3YBv8n4Mr9cFR%2Bj%2B5UDnaC1BWhwHc1hxEhMX7WlgprmV%2BPxewbILfMMmcyFkgUilsAaEl77HygBc6jan%2BVzN3Ao56hsJ4VQ8m2ZQbbxwKZ%2F7SLuv3uqct%2B2GF%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495a9fee79-CDG
expires
Fri, 08 Oct 2021 20:22:49 GMT
style.css
mrhacker.co/wp-content/plugins/monarch/css/ 		113 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

:path
/wp-content/plugins/monarch/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-1c56d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaqTn%2Fttvq0Yh0KfQIJHkQ%2FeUqaJtcDuuzSWDecVC%2BMfzxz3CM%2BEeK3zCV%2BqYnRqesKy3PVqeaIqhy0NB%2FUJADejIO7I8PnR3g3EdINBxhaKFMSBFiOoNlbHZovdhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa0ee79-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 03:37:36 GMT
server
ESF
date
Fri, 10 Sep 2021 05:07:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 05:07:03 GMT
reset.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/reset.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

:path
/wp-content/themes/flex-mag/css/reset.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVIFv8jOgIyso9aJ9pJVAJk0lFHCDpw7%2F4uDTWYzGFdDiB73jJUrGG1KsuydQxRm95FH4cQNJXLpHraH%2BB%2BWE%2Fc6xrRwrTjvqHsL6%2FmhK5t4oALnppZ9x9engUEYLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa1ee79-CDG
expires
Sat, 09 Oct 2021 02:09:22 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
4845950
cdn-cachedat
2021-06-08 21:27:09
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
84efc932bb0090ba965988d551acdd8d
cf-ray
68c6214a28c5049f-CDG
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
style.css
mrhacker.co/wp-content/themes/flex-mag/ 		92 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a

Request headers

:path
/wp-content/themes/flex-mag/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 10 Aug 2019 13:18:30 GMT
server
cloudflare
etag
W/"5d4ec426-170e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ%2BJdUY80RENSRV0KO93kRZ%2FRARswRTzErfHpwyKySgatT9q8bzbgRDpwwGZPgR3fYt7Ugk7IlDTFHR6t%2F%2FWpmrCE%2FbYyqXG2L1l6z%2Fol28dEvlYSuyXyUBqHRyuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa2ee79-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 05:07:03 GMT
server
ESF
date
Fri, 10 Sep 2021 05:07:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 05:07:03 GMT
style-sports.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/style-sports.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557

Request headers

:path
/wp-content/themes/flex-mag/css/style-sports.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 18 Aug 2019 15:31:52 GMT
server
cloudflare
etag
W/"5d596f68-ed5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlPxb6WD7xBQygNbOl%2BlpHXrxK%2Fm6e3h67dIN12aOf5UqLRJBwc0b2UGaIOB6vORgSLoQQCJ6AMiBgxquHihNHixqpwF7j19kvGRAuucZow9gu9FmR%2FPm7K7RS9jJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa4ee79-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
media-queries.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		91 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/media-queries.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

:path
/wp-content/themes/flex-mag/css/media-queries.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540316
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-16af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyFfz%2BCumlc5TvhMY8oAlDxix%2Bbpc1ugtvG4nWtEUcBftJuHMF5iwHzSRxP6wY%2B4Dr%2ByWUrC%2FhaGFCFInESG2dapxFxp2EzJxFSSiPliOD%2BeY27NE8eXNg4w8bL3Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa5ee79-CDG
expires
Sun, 03 Oct 2021 23:01:41 GMT
jquery.fancybox.min.css
mrhacker.co/wp-content/plugins/easy-fancybox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

:path
/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2253014
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-fda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB%2BlBW9TANEGwFqM6CqeebMjeGopVeVI%2Ba5CD%2BxxLfTFIwSdCmnA6IkxpubcbW9RVmvcJHqXKKbKG%2F8zERC%2BgNl2t3rmSJ%2FKmRig76SYEMMCEcLzvlTjE01rOMNvpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa6ee79-CDG
expires
Tue, 14 Sep 2021 03:16:44 GMT
jquery.js
mrhacker.co/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 May 2019 10:08:54 GMT
server
cloudflare
etag
W/"5cde8836-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBXfrLShByFjEI0kqOf85Z3Y8C1pzLmj2j21ym%2FNaSK7B4kS%2Fn%2Bv%2B%2Brm1Dk6VGfvdNgNtg%2BtK%2F7SDoDl6RKmjgHPdV8ik39tgAWa94cOOQl6wFZrgq41U7%2BaRAfiiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa7ee79-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery-migrate.min.js
mrhacker.co/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:06:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 May 2016 23:11:28 GMT
server
cloudflare
etag
W/"573e4820-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePhAW82VTlGLmcaUP3dAkq3BwGkop1Q6efzWDXu%2B245N2OPB3r8GZqaByINS9ASt4Z%2Fs7vZFgx92eys8UrkDDe4rFWEPO%2BUAor5tggTAeyn1Zj1%2Fnp1hzLFDsHtD6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c621495aa8ee79-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9fc553e158247ab66c00705075038b54b65b0d57cf7f959415d01508831ab54f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41241
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 05:07:03 GMT
logo-7.png
mrhacker.co/wp-content/uploads/2019/08/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo-7.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b

Request headers

:path
/wp-content/uploads/2019/08/logo-7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1226821
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60307
last-modified
Wed, 21 Aug 2019 17:52:56 GMT
server
cloudflare
etag
"5d5d84f8-eb93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fm%2BHkkqX8zrAEGYfaMU8Dvr%2BPX03f7ILHFWAutZY4yGO6baZZWUPKHE9zhfKiBergjEJw0xTkRkdoFGl4M1rxzgg4i5FE9DvfLVzCNUmPcZe31eau2EBK%2BWtPR1RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eaf0399f-CDG
expires
Sun, 26 Sep 2021 00:20:01 GMT
3ce722f11a748f0a8912ddbf696f7c6f
secure.gravatar.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 10 Sep 2021 05:07:03 GMT
last-modified
Sun, 26 May 2019 07:53:07 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="3ce722f11a748f0a8912ddbf696f7c6f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g>; rel="canonical"
content-length
2298
expires
Fri, 10 Sep 2021 05:12:03 GMT
lockbitfeat.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/lockbitfeat.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23784bc09df3bf670e055d89cac3953bec965fd2798e7ceea9bc0751f8c3f7c8

Request headers

:path
/wp-content/uploads/2021/09/lockbitfeat.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42691
last-modified
Thu, 09 Sep 2021 14:00:02 GMT
server
cloudflare
etag
"613a1362-a6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGkW7Zx2e1IrFruOayxAiuWcEk8iu0kT4kWIZnoH1bblVICwNtZmTi3zZ5uwq0bUvO5nQ454EepsHzg3C8tZEXjEbTqvVmJemybdUMk3lKcyTtmo652LQux76rwDVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eaf4399f-CDG
expires
Sun, 10 Oct 2021 05:07:03 GMT
email-decode.min.js
mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhkKf8bY6CHbVY2YQAZmfAy6LP3pa0erZ3zV7SFaiBShauP%2BLaHq6qzBV6lQc8iaFJfRCjNQIHSqf8HVhgQHXhNuF3RJJDyx7xi7rCxTm1Uk6JQTj4dVELK2s6Ve5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68c62169cab6399f-CDG
vary
Accept-Encoding
expires
Sun, 12 Sep 2021 05:07:03 GMT
accenture11082021.jpg
noticiasseguridad.com/nsnews_u/2021/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://noticiasseguridad.com/nsnews_u/2021/08/accenture11082021.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.55 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10055.sucuri.net
Software
nginx /
Resource Hash
f64f60433b4f5da1b4da833c5107f1706b4dc066e99c0e77be10c8347357c6bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 22:30:56 GMT
server
nginx
etag
"7c92-5c9502bfd10d0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15005
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
31890
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67E0)
Age
927
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
IMG-20200124-WA0008-e1579911562178.jpg
www.securitynewspaper.com/snews-up/2020/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2020/01/IMG-20200124-WA0008-e1579911562178.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b4b322a1c204d7612c309926c7f9eb95d2c87a7ed5dcfa40ccb9ff633b476d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Sat, 25 Jan 2020 00:19:22 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"306e-59cebd37c586f;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
12398
apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735390a173579c143e2936e08e55c4d274a0bd12a4417a76a5a46dc399c47b2c

Request headers

:path
/wp-content/uploads/2021/09/apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48831
last-modified
Thu, 09 Sep 2021 07:58:52 GMT
server
cloudflare
etag
"6139bebc-bebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtVJuDKRVWGUmKHUMTaO4oarE1WjV4xq68HizYWtGlCUs6Pb%2BH6fJwOhMgc9prrY9qg0u4uQvhCQ3Wpk%2BTJpIK68YT8wnfVl54wBTO%2BvKD08RednggJqCNzURj5aZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eaf5399f-CDG
expires
Sat, 09 Oct 2021 08:11:59 GMT
sap.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/sap.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34be9c92d57ca29addff71fb9cd4e9b8dc985bb5efa65bb1d44741b78913d004

Request headers

:path
/wp-content/uploads/2021/09/sap.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26113
last-modified
Fri, 10 Sep 2021 01:59:04 GMT
server
cloudflare
etag
"613abbe8-6601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kooEVgKil6aDrqLUoLoyBAuoBGgTlixekQNb9gJYE6O8f4fSKXKw%2FzuwRKuRRUjWSruvtERDRTJybhTJzLo7WeNzCmMvQHEQM3H1yxNJ4%2FLqqIhZr3lHWnnnDVVP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eaf6399f-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
microsoft-office-hack.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/microsoft-office-hack.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61df0fc2c152857b8b8a83ba6cd2090d8aadca63d178fcfc7c3348c517a5861

Request headers

:path
/wp-content/uploads/2021/09/microsoft-office-hack.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48517
last-modified
Fri, 10 Sep 2021 01:59:05 GMT
server
cloudflare
etag
"613abbe9-bd85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51F1ZO0Mf6JeIY%2FT7owovTNhzrUIC2q81GfSbRYJmvcGB1deH9wnC%2FQ%2BboYaSxAZ1KzPRBRQolFJYBdti3Hha%2BgEenCjAGKIiBHxhozawDl90V0b84Cdk0b1HgRQ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eaf8399f-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
jenkin.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/jenkin.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
305daef39f0eeb367fac9fed5f4ecdd67cc9fcce8b0b5e90484c4fffa6a5444e

Request headers

:path
/wp-content/uploads/2021/09/jenkin.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62451
last-modified
Fri, 10 Sep 2021 01:58:58 GMT
server
cloudflare
etag
"613abbe2-f3f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7ugW77%2BWYlbJE11pFOQJ1s7t%2BKkuXEQTALr6IMHsQcdtEGDVzWPej7N4gWKhBIfq04je71rxaYCMN%2BYuvOfCRtF8uZry%2FOsZr%2FeX0s2M2h3eA4qDzAK%2BJEXNqOhXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eafa399f-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
malwarecodefeat-1.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/malwarecodefeat-1.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f

Request headers

:path
/wp-content/uploads/2021/09/malwarecodefeat-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35389
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26615
last-modified
Thu, 09 Sep 2021 14:01:15 GMT
server
cloudflare
etag
"613a13ab-67f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF5e%2FkbBlKbmMdXc5HK2A2C8p8UgO6PgNSkDf%2BY0s8XKY5rw3sSKg2UMONm008q2xzS8STLDnbN2PfREs4QEFtQhpYQRgXrB3MkXtbtjvQuXkUTdeh1JwhoM00yUww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eafc399f-CDG
expires
Sat, 09 Oct 2021 19:17:13 GMT
logo.png
mrhacker.co/wp-content/uploads/2019/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88

Request headers

:path
/wp-content/uploads/2019/08/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11497
last-modified
Wed, 07 Aug 2019 10:33:00 GMT
server
cloudflare
etag
"5d4aa8dc-2ce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCh70QE66e3FrOj965Dc9BaWSDdMKv52MeWim40Mn4C6Y4oWWYYObYTxY9jAozQFA28YTGc0XU97k1KTmRhaOuufdLVAYdiRdakD7LxbxLgzfv18wZvfE3Lrc4v90Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62169eafe399f-CDG
expires
Tue, 05 Oct 2021 21:59:46 GMT
comment-reply.min.js
mrhacker.co/wp-includes/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/comment-reply.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBdIiGNo5GCVYotUuZHuVR5VnPIl4xlDqyT%2BfCySx8mr%2B5Lo%2BOPQG3j%2F2ZMoFj5rSDv9aow5NbzIKOlvOtw0bb8A%2FBcJhm%2BOvXfhNOPjUYqZCggn2qd%2B3YjdNWPjAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169cabd399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
ResizeSensor.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhhU9hf%2Fv3OTlblTDrj6kzTRiLP29WDoQ4Sxqklgii4D0wEnNT%2BMiO5rrmTB2Oyn1aY297qzRgWWjvF1PaZCOPZTPCAjUXeK5s%2BOzW6A%2FNkntFikoAHsp1YozOryWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169dad2399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
theia-sticky-sidebar.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-3e36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxHCpY3oMUS%2FGgAfCMT84mm1Xye5ahEfSMlPrL4nkbxOjMNYnj6rzmgFH5a%2FyiprozETBODp9eywiIodp7obC7V%2Bz759mubKk8chPJpdoRgoKcc3WS%2BMeNEktu9Plw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169ead8399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
main.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		435 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrfSuiCNSVimIrkukYFJTfrRpSNyp4AHH%2FZTInTcvuLktrUjXIsmJLi8anw1xruSsgszxfHAetuPFcDtAEBKfddSESo%2FFpb4ijZqpu5%2B8AXsCllNsn96LG29ArSNaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eadf399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
idle-timer.min.js
mrhacker.co/wp-content/plugins/monarch/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

:path
/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-9d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJazXao7BogsLA1npsPudEjnvZMLA5%2FkpGcXd8pRCHoHLgmF%2FVWIHIMUlH13bAFdywiEUDw55Ji45PBWYjZRX5gibkaFqwi2DugGdycZswZ1RupUORsRrpE7bxARiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eae2399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
custom.js
mrhacker.co/wp-content/plugins/monarch/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

:path
/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-6703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv4nE3JD19GQAv7qkfVpnJB%2FOcHg5YnBEbpqcbjlXtv%2FeBF5cx%2Fv3iIASN277Za3lXdpB2dtn3D9yxTUKWdmHp%2FN95QmBPbhAvlSzQBf%2BJSkQCbgAImUrxsk9oVrTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eae4399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
scripts.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		142 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

:path
/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-237aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4WotFyqbLdSlDoziNbJb5Px4066F1iyIfaItnZNCxlEbXTYbf%2F%2BmnPys0A31eE8%2FRP4t5hnKePlSEDk7hR4ruF7fyBVMXH6m5JVS0GrWG%2BgooQ7N4Nvjb%2F9rVeIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eae6399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.infinitescroll.min.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

:path
/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-54c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evz9gLXoWBgCguqwJu2sYTnvsO50qoc8%2FEhB1JPeH0DYyJRmdWAK689BcRUfcP7LE7Djlu7hOIKlBIlyOXGfGnCdPjRHGoyvJRfXlkS5JUhfGb7SKhZ18L77T%2FHCcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eae7399f-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
retina.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

:path
/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204772
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-c20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9TFogz1CCVDxluxO1Utkk%2BOYoAUTrRW7Za8fzKi%2BBgoJYGIFSVa9pr1OJ8T2IJZ%2FEcjxQjoG8G7fH0HLBrYd4xj0mWbczuDxXPQ96QqAKbTRkmap%2Bp6JZ%2Fpdm8tVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eae9399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.fancybox.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-4d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Q%2BrnwVKZBIj5S6Y0w%2BHLSl2WMJRaCsTshUx7j3g2fEBhb5r7rsV9AJe2s%2FvWRAgXbvIKxTgVOCLP3HSZq0VhHc1cU9x2xmtrGUkQYNmzTbvMNatumwQtLBKm47CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eaea399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.easing.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-8fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BKXyXFoE9GN8k5eaWVLtzspfNVWQfElBDfKloKsWxf5AG4FNNEc6vQAbpns9Dj9VPqmrfbfS81wRDzAcvifusZ3jBUW%2FzE3A5M2UdMgHMMpNHSE0885pcS7Uz6CQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eaec399f-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
jquery.mousewheel.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-a31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=notZ6Kz164gs5wX%2FB1IS%2F6M5wkRM3dk38g07iE6RfuVDElubsw2pbR2gA5gB1HkoXAkIUvPp0e%2B2JqqD%2FwIJtcgWoAt%2Bw7SaIYBF1040szU3LHjZNAJuYzHWk%2F6SnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eaed399f-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
common.js
mrhacker.co/wp-content/plugins/monarch/core/admin/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

:path
/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97061
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-550"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh1FJ3p9bEn7%2B2Zenngtn1Qc700vyMeD%2BfManJEdG7fxbtxCSi2amPSu89rNCn7EVGu%2BRe69rUrr1MoCR8ogIGElr7Qoe8%2Bah%2FMydH3Viqpa7F3nCLbWcOfTAYLDdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eaee399f-CDG
expires
Sat, 09 Oct 2021 02:09:22 GMT
script.min.js
mrhacker.co/wp-content/plugins/boxzilla/assets/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb

Request headers

:path
/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 03 Dec 2019 11:55:32 GMT
server
cloudflare
etag
W/"5de64d34-4677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhp7N4KeCSGfTnFxsS5%2BDhDfqCKLc98sssmC%2Bb2L4kJHEIf%2F%2FEwQjFLRvsnJKgINF0vg5ZYs4jViCrIAOPItMMpDJuMVdZ7UakZtCgM4bBnC9eXELQYD7tLbQkBy4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62169eaef399f-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
embed.js
mrhackerco.disqus.com/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ffe4bb4cb364bdafa7922232219191f095cf7ff16ad22b9b679c284632248165
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24740
network.js
adsxyz.com/sponsors/network/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/network/network.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 24 Jan 2020 05:18:04 GMT
server
cloudflare
etag
W/"5e2a7e0c-33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgJEOgw7uoZpegqsX3fN%2FfwC6%2FqbgHATBr26%2ByTFWqAXz4HGU1Qhvwh8tsj0ABnhSoJh1%2BnNICTqJANVGIV0nOhFSzYOlkGhYgEdWexXONQjQsLoYKM%2FP51W5I2P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c6216a5f59cdb3-CDG
expires
Sat, 09 Oct 2021 23:57:51 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95420
x-xss-protection
0
server
cafe
etag
5659919450890713277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:07:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 48B6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 09 Sep 2021 23:41:29 GMT
expires
Thu, 23 Sep 2021 23:41:29 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
19529
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1313465
ad.a-ads.com/ Frame 77F7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313465?size=728x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ce5e06b88f576dd0ddf5693390149a7264893d1bb9e5fd3285e8a64c3841794e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
4566177
cdn-cachedat
2021-06-08 21:27:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5b52e3eb3ff31b03a845b60e5ed78c65
accept-ranges
bytes
cf-ray
68c6216a0dde3a4d-CDG
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:47:13 GMT
x-content-type-options
nosniff
age
569990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 14:47:13 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 04:46:26 GMT
x-content-type-options
nosniff
age
1237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:24:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 04:46:26 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:30:20 GMT
x-content-type-options
nosniff
age
207403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 19:30:20 GMT
1313461
ad.a-ads.com/ Frame 9546 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313461?size=200x200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
3085fce880c4fead5c7a600c73bb559d58f3ee5a894e4d32a8407c20061045f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
malwarecodefeat.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/malwarecodefeat.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Thu, 05 Aug 2021 16:54:40 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"67f7-5c8d2c6671cc7;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
26615
hackingtech.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/hackingtech.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e33ab36f8dd445e60f43e39b3a4d37f0eeb91647d65a665e0e1cf15d5a76b91c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Mon, 30 Aug 2021 23:00:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7d83-5cacecd4384e4;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
32131
phishingfeatured.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/phishingfeatured.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
65374b2938dd614dff5073c58272259c9d1b3f966f25ed74b5c619360d6b3b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Thu, 05 Aug 2021 15:27:14 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"bd34-5c8d18db108a5;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
48436
telegrambot.jpg
www.securitynewspaper.com/snews-up/2021/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/04/telegrambot.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
781e8f9c4513bc8da98aa3ff8d846d03a0727bde47ee00002d2de1c1f70cf6e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Thu, 22 Apr 2021 16:53:08 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"199d-5c092838e0871;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
6557
1313467
ad.a-ads.com/ Frame F618 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
f953f0067679d91921ab7dba0e7da174c7c2b0256d97329535690e1a148b86c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313467
ad.a-ads.com/ Frame 575B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ca9c2a4d4a9f426ff1d084e5c2d21d29204aa72045e0406225f02e82e75d6670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
index.html
adsxyz.com/sponsors/linkxyz/ Frame 3D7E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/linkxyz/index.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linkxyz/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Thu, 26 Aug 2021 03:43:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-cache-status
HIT
age
68779
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ju2dU4ziJufqjwbhzpDJzyFJgjrHagfKEUA9JfTb1m8505W7FP7z4G%2BnHfzyE1ByhmPSi7wZWcq1T7fzOdspLcbUfpEugKWq9DfEOP%2Bm6P8dt0hb5XMuRX3ampk"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6216a5f5ecdb3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1313466
ad.a-ads.com/ Frame 38B2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313466?size=990x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
5074a59b6249ed4ff9c12862d43a0b8668a47832ac5cf4762788878628030275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313463
ad.a-ads.com/ Frame 1C44 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313463?size=320x50
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
12f6bc9b28e5238dbfcf8d8b3027024e97e1c92888e387aa57808e282528256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313465
ad.a-ads.com/ Frame 1130 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313465?size=728x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Length
0
Connection
keep-alive
1313462
ad.a-ads.com/ Frame 5B68 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313462?size=300x250
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
536f9d0e99ffd16f186508e7d9840e5c97c5d10e62755549772d10a150c13828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
monarch.ttf
mrhacker.co/wp-content/plugins/monarch/css/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

:path
/wp-content/plugins/monarch/css/fonts/monarch.ttf
pragma
no-cache
origin
https://mrhacker.co
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
mrhacker.co
referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2160717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15096
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
"5d70eaec-3af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2BmVuXnKK4Y%2BkOVoqYG2oLu5rd31rB7nQvWVJtDjVcbxmQmLMmQlc4kf4vVXTX0WSj2vWqwPzRhJ72LBNlprmZJ5rY%2FaswMtQ65Mq9vnL91PrBzCVik%2FowFh25jCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c6216a6ba6399f-CDG
expires
Wed, 15 Sep 2021 04:55:06 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 15:56:36 GMT
x-content-type-options
nosniff
age
220227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 15:56:36 GMT
728x90
static.a-ads.com/a-ads-banners/118231/ Frame 77F7 		683 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
JNZHGRYX3NM6D2BS
ETag
"241238ff9e1a7f85dbec8aa10f72f723"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
699692
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2
MSiutjvhiUcfPSQ6Hqp7tDEYEoTE/y45ARx9MB0mOA5sT/7lPfBFXpxchImjFsOnk4oEfWXv60E=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 77F7 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
random4f.js
adsxyz.com/sponsors/linkxyz/ Frame 3D7E 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/linkxyz/random4f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.60.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/sponsors/linkxyz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68759
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 06 Jan 2012 14:11:54 GMT
server
cloudflare
etag
W/"4f07012a-568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKK2vOkdEKMb%2BGavItiEaeXM1hyI6y4su2PBCOrg5rK%2Fgl3T6gy0j6drJwe3nuPMUH%2FAwcX%2FqcREh1KPcwotvKNoFT4ZgM4z7udr9bLYuMQm6r8gTeovD8WP6wN%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c6216b8de940e1-CDG
expires
Sat, 09 Oct 2021 10:01:04 GMT
js
www.googletagmanager.com/gtag/ Frame 3D7E 		121 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D87R5XW8W4
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
da219bb96735df3f7e25c37d5e597a3a1296f3689a8cbccb60e92cb58b3afecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49288
x-xss-protection
0
expires
Fri, 10 Sep 2021 05:07:03 GMT
320x50
static.a-ads.com/a-ads-banners/117618/ Frame 1C44 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117618/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313463?size=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
KZBDQZNA55SXSGXB
ETag
"964435510a885dc83118d9345a439c3d"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
108594
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
w4CWsbKlEWz_x7_SpmcYfVfQEmXT2wOu
x-amz-id-2
Txb573tmNs3Zssk4ZR7ZX8yCsnRjhApGVaYlSm6SvAgl2cHHoLIcs2j8UnR12IT7ShTPXL/xXKg=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
300x250
static.a-ads.com/a-ads-banners/117617/ Frame 5B68 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313462?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
ZKBWYDPZA8WTP842
ETag
"5896f969c3c0d5de143c2f56c20489d9"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
191448
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
x-amz-id-2
O6CQvROUNTko32TlnZCmq1N0KFLUME7fVwLI7PwLPDn3mMK+1uPW76cItjOnSx/n3L+hULqHN8E=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mrhacker.co&callback=_gfp_s_&client=ca-pub-7952463575870072
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
f15bf7b7bffb21d686d5cfff04ee3d8dd0a6c8caf742b375897d43a709ed78ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
truncated
/ Frame 9546 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F618 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 575B 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 38B2 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AA49 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250423&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250418445&bpp=4897&bdt=338&idt=5137&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=5187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250423&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250418445&bpp=4897&bdt=338&idt=5137&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=5187
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:07:03 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:22:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 05:07:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100470313954"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
expires
Fri, 10 Sep 2021 05:07:03 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6406
date
Fri, 10 Sep 2021 03:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 05:20:17 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C618 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423369&bpp=5&bdt=5262&idt=284&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BXZJVSGAEG&p=https%3A//mrhacker.co&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423369&bpp=5&bdt=5262&idt=284&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BXZJVSGAEG&p=https%3A//mrhacker.co&dtd=292
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:07:03 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:22:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 22:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
716749
x-cache
Hit from cloudfront
content-length
26040
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 01 Sep 2021 21:40:36 GMT
server
nginx
etag
"612ff354-65b8"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Thu, 01 Sep 2022 22:01:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
Pde_CxZExMaqQQxyITZ3wkkYVKHZ5_BWBzavjZKis1Lj1YK8kmGmzQ==
x-cache-hits
0
common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525190
x-cache
Hit from cloudfront
content-length
94790
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-17246"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
bLMNcussRMp4blkl4eWe527xlxu64GPxXt7nVrS-u2s8r4PIPYycPg==
x-cache-hits
0
lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643867
x-cache
Hit from cloudfront
content-length
120689
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1d771"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
ZaHiglZqHFedO2uOTZkNPD20RiE44RYPogBgtXfsafO-jEdCJErUwg==
x-cache-hits
0
config.js
disqus.com/next/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
26
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
recommendations.js
mrhackerco.disqus.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhackerco.disqus.com/recommendations.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
e15fa8b31f370b5358ecd7bb58d2035def976deec92337bc9c76293e377c52fc
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20831
1313467
ad.a-ads.com/ Frame 6CCD 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
34eef18721ad9fb3e5cd9a4b1cf747ae67779d00ba8dd543683abcab5612e097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 8400 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
23436
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 05:07:03 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D5)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
adsterra_300x250.html
egirlgirl.com/banner/ Frame 0CC0 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://egirlgirl.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
egirlgirl.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:36:31 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619389
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggpS6%2FLJmnHkBnzsOWkKWYx87HNgyXUwoz6U4cpuL3%2BxQTi2Z1%2B9eyNxlDbVC9PSKifnuwI7%2FPdi7YhVJId1OnQ1ktB25Jgcaxo1DOYZ3EjZYju%2B4I71C%2FHY6WIWziei"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cdde7331d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
fapbest.com/banner/ Frame 4C0D 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fapbest.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fapbest.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:41:56 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619321
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MluBgSSTrnTKUVzfF8a9eZBNg7PsXwJuYegkhP2k6KLaIWHidUm2DDQpW9x0FyCT7VkYmejuF%2Bb0U4FUU2sVLL53fiddZufbmznWwIaxLJ5R70hdbBCYGQ4owOKl%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216ca903331f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
nude-hot.com/banner/ Frame 66C5 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nude-hot.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nude-hot.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:49:38 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619802
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwW9THE%2Bq0fPATVq7CvA9zVbvE%2FoTeXAw4vL0w%2BnBXOq5CXKsaF%2BM7ASbncsXcaYO80%2FRtrtW1vko4oQY2ZlDmknIKm42JliZjO2HMB4xy%2FIP%2FZZDxJgOkrds99aS34%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216dddc6595c-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
porns.photos/banner/ Frame 3131 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://porns.photos/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
porns.photos
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:57:03 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZirDkYLTnD16bz2RTO3VNrZoLGxK7lmeyBbAndpEqaVQvSH%2BwiblUBx%2BO3lnAicQDsZZdvwTc1J41Re%2FQ%2BhiomewONScNrHKKYo9AmhzzLrx%2F4TjbqbJtKU3PEu%2Fzs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cdbbcee44-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
clipsex.online/banner/ Frame DD21 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clipsex.online/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
clipsex.online
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:45:12 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1364484
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce5%2B0NkwN59JQoWrmYkDpzhaRB8bKZj8NCwD2xcJzEuKXj9TPCshF5RKLcyehSCHM6d5ssKixy0m%2BQurjSvdx2Dd3X%2B4KIIcWxzb3X9dMj64jiSptkZXuPWEgi84DN7QDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cd9263a99-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
fappinghd.com/banner/ Frame 1D9F 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fappinghd.com/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fappinghd.com
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:49:40 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1364570
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ui8QrdDVk61JhMj07%2BdRYJ8WZ7Yj27XTF5BcI8m2EmExyDoq3Lmiu45MooYj2M3g5dl0dmgZsMhjcuo%2BcDkPBi56volLAHBnjPM3SAKAl6zSCD1GYUwBflfFPObC%2BNAc"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cae9540cf-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
javbest.co/banner/ Frame 25E2 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://javbest.co/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
javbest.co
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:51:54 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1181006
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7BwvU2ypQ6PY3Tv%2F6MhHxyzNCHiX9EXsT2creKUxwGcxQ00tEzxQ6SY2XcV5EExfwOW8c2GV24WvqxnW%2BOIZ1pe4rVhUqS2MLeMczLGECXMN6YxrSHMo45NpEdS"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cb84a3a1d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
thesexscene.com/banner/ Frame E56B 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thesexscene.com/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thesexscene.com
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:54:02 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
118896
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1L64T91eo8VDBaKsM2rwLnaG0s7rNPbOu7L%2FHgV%2B29BSRBaBVqewnQ7TSzjxEI%2F%2B7LafaF2bU%2Fg7GWbm8YTreKq0fu7PLJbnrCXuhoX6DV8ehgVpa89x8GDItYprHMJYYQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cec463bd4-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
jav1080.com/banner/ Frame 4897 		744 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jav1080.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
jav1080.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:29:27 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EmNgOpX3srRpkRko8Ppmm550HCRGNrq0cvMntcFcY%2B58EgYRMDRFjgEZV01k6pvg7j%2BBQyNXOnKcDymW%2BhXqH%2FbE%2BG7i%2F4cvzydqTF81RUlgopyQo%2Bu916CHYhCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216cae24b7ab-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
pornbebes.com/banner/ Frame 09FF 		744 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pornbebes.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pornbebes.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:43:21 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC%2FcFaI9jwpmTqOgFAzJs0ryGZ6O%2Fk9AmURm%2BkTkVn936Jz%2FqOkkFcNU6DC4Q7pwylHEqj92lHXSW%2Fwj26buAxc3ajmWeCaWY0J%2Bbe%2BhUlyLE21uWFJKOCL1HoKfwh0N"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6216ca9f340d5-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
sex4viet.com/banner/ Frame 4E84 		661 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sex4viet.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sex4viet.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:14:21 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
2379083
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3R4EbMwptFjWUNxTiWbGbjDKOYJhOlNtaMHWIPLnKO0POdHsS7F8zo1BmBgf%2Fm5qQ7n%2FPoPWkxo5fmwJpsLwPUyJ8CGR5KavfZrzZ1k6Rz3Fywnt6L4x6q%2F3BQ6QC4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216ff816d805-EZE
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicy_300x250.html
xdultchannel.com/banner/ Frame B8B8 		742 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xdultchannel.com/banner/juicy_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
xdultchannel.com
:scheme
https
:path
/banner/juicy_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 17:05:02 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
276890
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2mxRmoIRzlMKdFgv3F6rFHiTAPIHX%2BOD22wJ%2FOmw7s8NuSE7f7V3jvWSDIFlXX3G%2BCqAsxGr0Ba5U0PpURGvxw0Qx70QAtmkN7C74EksPUirel7yfqS6XjX5xIyR6JZSI%2BP"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216ca9323b43-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
mrhacker.co/banner/ Frame C9EF 		558 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619116
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRAsKeQ5wbmLgDAU9WYlgGBTSGzAAeNKVNSzWYPIsdafAnJENix7s8dxyIlp2V3v3jmePkZBuXZW2a793j7QmW2ZpdotgzZ%2Br%2FPYKnLD%2FJsShXjTi0bg66QzIXGEvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216c4dd9399f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
null88.com/banner/ Frame 17CE 		558 B
937 B 		Document
General
Check archive.org
Download Go to
Full URL
https://null88.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619100
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cuh7%2FVkqJtk3QCQq7ii3p%2Bpvp3SV%2FQ9MZpHDHe7etRDKMCIRo2eJNYr%2BTIjdDMG7BWtEUpLcn4U5G%2BFvTs5JZV3Ik31a%2B6kncGwuU2VSW%2F2DoKlMp%2B5VsSu159Mv"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6216e99003bda-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
phancongkhanh.com/banner/ Frame 39FC 		558 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://phancongkhanh.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
phancongkhanh.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 30 Jun 2021 09:30:59 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9N0PI9mxrpwjuVO4XBtpQYUU%2Bif1W%2FhJEWA%2FfjPx7N5WSOZAx1Sq7V8R16Lm%2BARSgAjGt4IXf%2BJ00QPfZLbyFk0PKgbyLGBmwbqQllU5LX3CyKldKaPRWGMljOBE3i%2B4TnKXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6216cee9c32b1-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
tongdongkhue.com/banner/ Frame 3379 		558 B
911 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tongdongkhue.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tongdongkhue.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-type
text/html
last-modified
Wed, 30 Jun 2021 09:14:18 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VT%2FQmqsCaVoUI0MMXwXGOJz8Y1%2FKh6Ih90g7Jw8oQgFF929ZBo%2ByYx0ZMXlIlzp9ToCTDTaGLceKjJtjJ6BL9yvVmsTJg55G%2BQlCh2ZyAkwFmLeMMMSOvmmJgTmxqQDLw5N"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6216cad103b9d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 4158 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423374&bpp=1&bdt=5266&idt=341&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=gNEuJPMBF1&p=https%3A//mrhacker.co&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423374&bpp=1&bdt=5266&idt=341&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=gNEuJPMBF1&p=https%3A//mrhacker.co&dtd=346
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:07:03 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:22:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 429A 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423375&bpp=2&bdt=5268&idt=359&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Sm9bps8Od1&p=https%3A//mrhacker.co&dtd=362
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423375&bpp=2&bdt=5268&idt=359&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Sm9bps8Od1&p=https%3A//mrhacker.co&dtd=362
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:07:03 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:22:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6CCD 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
/
disqus.com/embed/comments/ Frame 44EC 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
460ae51398ed855ccda6738a02de06edc882e5d85f643d3d793fee9bda6e9781
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2916
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Thu, 09 Sep 2021 14:10:26 GMT
ETag
W/"lounge:view:8765559764.82d5a9611fdfdbd6e31e3af5722a2241.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy
no-referrer-when-downgrade
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 10 Sep 2021 05:07:03 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
1313462
ad.a-ads.com/ Frame A1A7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313462?size=300x250
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
4e8535a88d619b2912d96dbcc3d7cfc29b2fcee30cf338af808c41dfce0c0aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:03 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
settings
syndication.twitter.com/ Frame 8400 		232 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a011138c72da79bc7d16bd7382d6093283158754
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:03 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 05:07:03 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
fd518c09e21856bd168e9b484e5ef35943b8d77402fc96f162ce466879280f05
content-length
166
invoke.js
www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/ Frame 4C0D 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/invoke.js
Requested by
Host: fapbest.com
URL: https://fapbest.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fapbest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/ Frame 1D9F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/invoke.js
Requested by
Host: fappinghd.com
URL: https://fappinghd.com/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fappinghd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jads2.js
poweredby.jads.co/js/ Frame B8B8
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: xdultchannel.com
URL: https://xdultchannel.com/banner/juicy_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xdultchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:07:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1437038971&t=pageview&_s=1&dl=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ul=en-us&de=UTF-8&dt=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom%20%7C%20MrHacker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUAB~&cid=1351541086.1631250424&tid=UA-146590598-1&_gid=168649279.1631250424&gtm=2ou910&z=2075178986
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 01:06:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14430
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
jads2.js
poweredby.jads.co/js/ Frame 4897
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: jav1080.com
URL: https://jav1080.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jav1080.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:07:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
invoke.js
www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/ Frame 25E2 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/invoke.js
Requested by
Host: javbest.co
URL: https://javbest.co/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://javbest.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/ Frame 3131 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/invoke.js
Requested by
Host: porns.photos
URL: https://porns.photos/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://porns.photos/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/ Frame DD21 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/invoke.js
Requested by
Host: clipsex.online
URL: https://clipsex.online/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clipsex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/ Frame 0CC0 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/invoke.js
Requested by
Host: egirlgirl.com
URL: https://egirlgirl.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://egirlgirl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/ Frame E56B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/invoke.js
Requested by
Host: thesexscene.com
URL: https://thesexscene.com/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesexscene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
300x250
static.a-ads.com/a-ads-banners/103763/ Frame A1A7 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313462?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:03 GMT
Last-Modified
Fri, 27 Dec 2019 12:20:30 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
DNQ9HJ0JWNENK9BQ
ETag
"28dd56aa4c3448923f2e06f6f90e1017"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
702864
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2
IqApmEy8NzIm5tcMavxQqZlmnazLibLARFM/D0i2Rkv+Ujggk3EpKU7hoJCuSzi3uutvenm530A=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10962875
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 07:52:28 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
5s_3jkKvrqkp9Gmai7rG0fVYPk3XnteIiq9ijMm4tw9yiDDl1FRiYQ==
x-cache-hits
0
common.bundle.72e35017d98ea7f210961b0d5c38444a.js
c.disquscdn.com/next/recommendations/ 		0
87 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525200
x-cache
Hit from cloudfront
content-length
88853
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-15b15"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:03 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
yqAvzzdIAUx1T9vgDnmeTaxo57EYnStNBnWSx2R2MKNS0y4aKTvU6A==
x-cache-hits
0
recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643868
x-cache
Hit from cloudfront
content-length
20099
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-4e83"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
hkMl6fmu2V35-ue6hx1efs6I-Q42KGnSzBCN2Q7JIhF73Y4KA_2XyQ==
x-cache-hits
0
truncated
/ Frame A1A7 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
jads2.js
poweredby.jads.co/js/ Frame 09FF
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: pornbebes.com
URL: https://pornbebes.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pornbebes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:07:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
1687802
ad.a-ads.com/ Frame 1EC8 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1687802?size=300x250
Requested by
Host: tongdongkhue.com
URL: https://tongdongkhue.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
4fd742be38ac199103233a2941007f4a6f1c4b39090ea67b23ce0da8fcc3f1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tongdongkhue.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tongdongkhue.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tongdongkhue.com/
Content-Encoding
gzip
lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
c.disquscdn.com/next/embed/ Frame 44EC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643868
x-cache
Hit from cloudfront
content-length
533
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-215"
content-type
application/javascript; charset=utf-8
via
1.1 07bdbf68839b59462a12375dff97561e.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
j4gdwRb6beA_U6zXk2gQiU07a9wm0yyaV0uymmO5RWnz0xlcFDjKHQ==
x-cache-hits
0
1687823
ad.a-ads.com/ Frame 7AF8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1687823?size=300x250
Requested by
Host: phancongkhanh.com
URL: https://phancongkhanh.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
c8433d71525148c4a1b61549a8bff4a3091c6b29e40a77f150abd0a550586c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://phancongkhanh.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://phancongkhanh.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://phancongkhanh.com/
Content-Encoding
gzip
horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67D3)
Age
23437
Etag
"4985a73adee036c4a8fe64d49af6033a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2443
adshow.php
poweredby.jads.co/ Frame 4E98 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 6BA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929956
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
4cffc9fd54d6c8feaa9ae31753f2aea39f5c3c5ed7e30da1da398946ac0096b5

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xdultchannel.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xdultchannel.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:07:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=a066059364c44b371cc54323ab7b6db0; expires=Sat, 10-Sep-2022 05:07:04 GMT; Max-Age=31536000; path=/; domain=.jads.co juicy_data_1=YTowOnt9; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co
Content-Encoding
gzip
adshow.php
poweredby.jads.co/ Frame A381 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame BD98 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929973
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
b1c6de876f936b993353635b9644e18e428e1fd7cb629804410064a7a76fc38c

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jav1080.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jav1080.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:07:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=a066059364c44b371cc54323ab7b6db0; expires=Sat, 10-Sep-2022 05:07:04 GMT; Max-Age=31536000; path=/; domain=.jads.co imps44428=1; expires=Sat, 11-Sep-2021 05:07:05 GMT; Max-Age=86400; path=/; domain=.jads.co juicy_data_1=YToxOntpOjEyMjAyNDA7aToxNjMxNTA5NjI0O30%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co
Content-Encoding
gzip
Tweet.html
platform.twitter.com/embed/ Frame 199C 		487 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
0683a1add44ec1b469bed17240e847c6b1bf0746e7ee287f9b9b33cb5adbf8fc

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
948
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 05:07:04 GMT
Etag
"672ea4f09b5a253b05329ee849064fc0"
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
300x250
static.a-ads.com/a-ads-banners/218791/ Frame 7AF8 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/218791/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1687823?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d1620b335106648e07549c61c2ad16e8522e7a62c65d29869fb33071cee62060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Last-Modified
Mon, 12 Jul 2021 21:22:33 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
WCFBHTSKF40E8VNX
ETag
"3a379817afdebf353d6f2174c42abe6a"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
137151
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
_NDW3nCjcvab8krQxTQpSMrQ5eXW73Ed
x-amz-id-2
4fQxg1WGnrPHPMpCiFWv/HZaO1vFkVBWIyw00W7lJPtSrW05D2Jtmr2+aQ8bLRu2skc3HOR/0F0=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
disqus.com/recommendations/ Frame 9526 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2402
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 13 Jul 2020 23:47:40 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 10 Sep 2021 05:07:04 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
truncated
/ Frame 7AF8 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1EC8 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ Frame 44EC 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525191
x-cache
Hit from cloudfront
content-length
94790
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-17246"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
6bMCpTZeD_5Pt0bZcqO7DBsNvrmD3pgpFglo7zUEB3l-YbKIvwYfsQ==
x-cache-hits
0
invoke.js
www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/ Frame 66C5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/invoke.js
Requested by
Host: nude-hot.com
URL: https://nude-hot.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nude-hot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:07:04 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
embed.runtime.ba5a9b2f1af2a07eb6ac.js
platform.twitter.com/embed/ Frame 199C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
7f7e5b7357faea48e8742fb8535313bd5f478e1b9947bc15644ce183d56dc9d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67AA)
Age
23438
Etag
"444541c03ea1498c23a3f88dfe81edb3+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3540
embed.modules.6d412ab277f295e6d2f6.js
platform.twitter.com/embed/ Frame 199C 		510 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67E0)
Age
23437
Etag
"ff61fb364693cdc4ee1e60ce67e16202+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
164115
embed.i18n.fca6d1207a0eb09086fa.js
platform.twitter.com/embed/ Frame 199C 		146 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.fca6d1207a0eb09086fa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6712)
Age
23437
Etag
"c82976f830f64e89c4fc50e5b78cef64"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.2d315c2027f2593bc8ea.js
platform.twitter.com/embed/ Frame 199C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.2d315c2027f2593bc8ea.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
e7fecca72827ce8c5a96210fa24127e276ddbd52856b9e07a1c51752e111691c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6793)
Age
23438
Etag
"d16f29f9a59af043ee0b10fd14f32674+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5636
adshow.php
poweredby.jads.co/ Frame B287 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 1F32 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929979
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
8208bfc115f6706dd34d4912eb29e2ad3f98a9d1d0cff0e962ae28b446f73e7e

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pornbebes.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pornbebes.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:07:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=a066059364c44b371cc54323ab7b6db0; expires=Sat, 10-Sep-2022 05:07:04 GMT; Max-Age=31536000; path=/; domain=.jads.co imps30060=1; expires=Sat, 11-Sep-2021 05:07:05 GMT; Max-Age=86400; path=/; domain=.jads.co juicy_data_1=YToxOntpOjc0ODE3NDtpOjE2MzE1MDk2MjQ7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co
Content-Encoding
gzip
1331410
ad.a-ads.com/ Frame 4D66 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1331410?size=300x250
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
78c79e23d01338e445396a10bd38a3fe925037dd6986d5cb1d3894e920292ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://null88.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
platform.twitter.com/embed/ Frame 199C 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/668B)
Age
23436
Etag
"eded0105ab27a2d62811c8af369c2bc1+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7955
embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
platform.twitter.com/embed/ Frame 199C 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6731)
Age
23438
Etag
"ad3c3dffcde6bdbeb1bf440bf8999746+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2056
lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame 44EC 		163 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 22:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
716750
x-cache
Hit from cloudfront
content-length
26040
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 01 Sep 2021 21:40:36 GMT
server
nginx
etag
"612ff354-65b8"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Thu, 01 Sep 2022 22:01:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
rAz2Yqr3laS_jda8thApabDmiyxZAICbSwdtSJdW6s3D99LBxZttzw==
x-cache-hits
0
300x250
static.a-ads.com/a-ads-banners/117617/ Frame 4D66 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331410?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
ZKBWYDPZA8WTP842
ETag
"5896f969c3c0d5de143c2f56c20489d9"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
191448
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
x-amz-id-2
O6CQvROUNTko32TlnZCmq1N0KFLUME7fVwLI7PwLPDn3mMK+1uPW76cItjOnSx/n3L+hULqHN8E=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
recommendations.load.064141e2948b0e7f6218d4075662ea80.js
c.disquscdn.com/next/recommendations/ Frame 9526 		923 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643869
x-cache
Hit from cloudfront
content-length
448
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1c0"
content-type
application/javascript; charset=utf-8
via
1.1 07bdbf68839b59462a12375dff97561e.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
7kw8aGm46dd1YXkY5y1lYF0WvwSRuBWfX2cseDUDRnSAujp_9FEIYA==
x-cache-hits
0
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.9787d53ebbb5f72cb593.js
platform.twitter.com/embed/ Frame 199C 		144 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.9787d53ebbb5f72cb593.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
e32c2b4173888243555c41b68a80f48a4aa18847d10a465c029db6042d52ea5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67BD)
Age
23437
Etag
"d401d40028fec960fd94ba14f0868eb0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
40413
embed.vendors~ondemand.Tweet.fe975bb428059b89523c.js
platform.twitter.com/embed/ Frame 199C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.fe975bb428059b89523c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
14ee10387bd3e877794228db2892115d6be65ed86de5da64dd94a66710418ac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6752)
Age
23437
Etag
"8776fda3be73ccdc69260c57dbd38db1+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5873
embed.ondemand.Tweet.41972e180617ea45e07b.js
platform.twitter.com/embed/ Frame 199C 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.41972e180617ea45e07b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
553d3982d9f510a165f384512122570431df82d015502771e79b9823a805d94f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=a011138c72da79bc7d16bd7382d6093283158754&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6762)
Age
23437
Etag
"7e637c60dcd7bc92b3bab2f83b13eddc+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14991
truncated
/ Frame 4D66 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ Frame 44EC 		468 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643868
x-cache
Hit from cloudfront
content-length
120689
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1d771"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
4ffzdEDWNq9WDMPc-U7ILMqx9-HLSszNOcNiS7guK9tUbROPcWVOYQ==
x-cache-hits
0
config.js
disqus.com/next/ Frame 44EC 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
26
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
common.bundle.72e35017d98ea7f210961b0d5c38444a.js
c.disquscdn.com/next/recommendations/ Frame 9526 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525201
x-cache
Hit from cloudfront
content-length
88853
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-15b15"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:03 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
hPKM5z_2YKUj3ZKX-zjXdns5Gah_PmDUhXNu4NFe7btHfy2-kbSrmw==
x-cache-hits
0
tweet
cdn.syndication.twimg.com/ Frame 199C 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1425447533598453760&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"16-LGRtdrPlUULfESdbhaic1Iw99do"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
1723
x-xss-protection
0
server
tsa_f
x-frame-options
SAMEORIGIN
date
Fri, 10 Sep 2021 05:07:04 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
text/html;charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=1
access-control-allow-credentials
true
x-connection-hash
fe0824db58d731dc479500b60f88f399399ef4d934f923e4027d7620e2d0e660
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
details
disqus.com/api/3.0/forums/ Frame 44EC 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3349
X-XSS-Protection
1; mode=block
noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 44EC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1631056800/images/noavatar92.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
120539
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-type
image/png
content-length
1644
x-amz-cf-id
ubKt7S8KHZN03wtHnkGCYvstiRZR3eESttQGFhbt-8eu18LRqmHs4w==
expires
Fri, 08 Oct 2021 19:38:05 GMT
truncated
/ Frame 44EC 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 20:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11175935
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Tue, 03 May 2022 20:41:29 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
3wUtiqbwq8LWOj8nrNGno_4mRnn4-SAxxG3MTynuG9HZc_JnuoLDww==
x-cache-hits
0
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 9526 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10962876
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 07:52:28 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
Ak1fwu6uPvsY1P76BZjnk5RNunVgZcf5vMDdpyyobQNyTOUgVmVZLA==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 8111 		337 B
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 01:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619343
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-f4"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Sat, 03 Sep 2022 01:04:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
g5mEqYItvnGx8ur_7ONwbZt9QDXlH2_KYZAL5Kepk14VF9w1EEGbRQ==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 05C5 		337 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 01:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619343
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-f4"
content-type
text/css; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Sat, 03 Sep 2022 01:04:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
4iLIZJiwV0aEgfHIDqEviC2Kj6mMpYtGidEIx0Lgrh8pcQQruij7Pg==
x-cache-hits
0
recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ Frame 9526 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643869
x-cache
Hit from cloudfront
content-length
20099
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-4e83"
content-type
application/javascript; charset=utf-8
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
FkoOFFRzpZCeysET2HtACerSnSA9S-rfP_RJ6ubliVq5mcnihUT2Rg==
x-cache-hits
0
config.js
disqus.com/next/ Frame 9526 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
27
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ Frame 44EC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
f2bd3b8efd0335c133b5427ed54e08d10a89f13714e22916fe79219a1a1f3150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tvWunhLZLVT0EUlCvaQpLQ==
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Sep 2021 05:09:14 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
+usAd+Mf1Balr5/X0pYZ0odE93oZyJvcjp8+0oaQDfmzXzhFn8Zt7KJpxS4hyYzO9ShaJVWJPZbfub7+GXPGGQ==
x-fb-trip-id
917726464
x-fb-content-md5
985ef27ae1fab76ba0331bf27a39167d
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 05:07:04 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"57ae6dadeaa01690aad00f2ac39c4e81"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
api.js
apis.google.com/js/ Frame 44EC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
ESF /
Resource Hash
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/vjHnY8uuFu/E3J5U+kBrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6cf1a8085d365822968a50501ed9fdee"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-/vjHnY8uuFu/E3J5U+kBrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:07:04 GMT
jot
syndication.twitter.com/i/ Frame 199C 		0
0
details
disqus.com/api/3.0/forums/ Frame 9526 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3349
X-XSS-Protection
1; mode=block
pixel.gif
cdn.viglink.com/images/ 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=10.72965238046304
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.163.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
68c621716ade0883-CDG
x-amz-request-id
ABPMNVEYHHJWWRYR
x-amz-id-2
gVy92BlHpcljM9ysrcE33avtGk49cVh5MN8Hn3rDfdPxq8tnQU/mmBPb2pok/lOzzfgDqj2tA/c=
pixel.gif
cdn.viglink.com/images/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=10.72965238046304
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.163.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:04 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
68c621716ae00883-CDG
x-amz-request-id
ABPMNVEYHHJWWRYR
x-amz-id-2
gVy92BlHpcljM9ysrcE33avtGk49cVh5MN8Hn3rDfdPxq8tnQU/mmBPb2pok/lOzzfgDqj2tA/c=
sdk.js
connect.facebook.net/en_US/ Frame 44EC 		222 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b97e0a0805aa515fce81e6a709e88e5d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
66adfd9392bf49bf0157e17151474cb7c64ea79f69c4ddb49222a31e85ec316c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3JVhW+7DDaBCn9MUz4wTwA==
cross-origin-resource-policy
cross-origin
expires
Sat, 10 Sep 2022 03:30:36 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66826
x-fb-rlafr
0
x-fb-debug
ZiD2NHz+90QyHUXKxb0ZolWkp+Pqi+Nb7i9lfRPGRcRuhoFoFJv2gXP4h8jGwzHQMI0dYsmb2NCarY18/G1iBw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a6914307fa901c4409508ec7bf1c7e72
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Sep 2021 05:07:04 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"01942d9c551ea2dd55454c034987b441"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 9526 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=mrhackerco&thread=ident%3Amrhackerco-50640&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f7c7d3f411947762dedb0f0557a9eba5d8fbfdce49a3ed2b8794a9fcec544b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
6128
X-XSS-Protection
1; mode=block
jads2.js
poweredby.jads.co/js/ Frame 4E84
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: sex4viet.com
URL: https://sex4viet.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sex4viet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:07:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
status
www.facebook.com/x/oauth/ Frame 44EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fmrhacker.co&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dmrhackerco%26t_i%3Dmrhackerco-50640%26t_u%3Dhttps%253A%252F%252Fmrhacker.co%252Fmalware%252Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%26t_e%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26t_d%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26t_t%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26s_o%3Ddefault%23version%3D9bdb65de27b881f62b84ef54f46d1575&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
IC4cDBMx5TEAK00tGeYiyJbEOsQaR0DneFDbQaMEy4rPGtZNb4zyIb6Ot+2P4c/7zG9SknDFkTyuJOWYkz4bYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Sep 2021 05:07:04 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
adshow.php
poweredby.jads.co/ Frame 9E76 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 3DE3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929967
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
a2248e33b59316bddc605ad6900d7ff85899738c99170c6a8355712b97582661

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sex4viet.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sex4viet.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:07:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=a066059364c44b371cc54323ab7b6db0; expires=Sat, 10-Sep-2022 05:07:04 GMT; Max-Age=31536000; path=/; domain=.jads.co imps21464=1; expires=Sat, 11-Sep-2021 05:07:05 GMT; Max-Age=86400; path=/; domain=.jads.co juicy_data_1=YToxOntpOjY1OTU2MztpOjE2MzE1MDk2MjQ7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:07:04 GMT; Max-Age=259199; domain=jads.co
Content-Encoding
gzip
get
c.disquscdn.com/ Frame 9526 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnordvpn-server-was-hacked.jpg&key=d49R8v6RMTrdU6oMr2_OJg&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1977314
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
3532
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBrkVK%2FI81Bh6kqrAYHiYiCK6cv64vnZiTWx1sWpC67MB5MNVxaXKg9%2F7gd58Qc7qj7SGmYQUllbOpNgC6QLvJoORniHBBGCUTacwrl%2FP0slGZ1vCIyaiy5B%2BUhZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
Q-qPJZjZXI-822EXuLWghRRDdbhHd7UbU8fQ7b0CjI_CySFAejz0Kw==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 9526 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fremote-access-trojan.png&key=IidVFmgt_ZPrbq5XbCNarw&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:59:13 GMT
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1525437
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
32515
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssYr0g%2BFD8CNWmlSExpCjllqWPqSx0IjodISwdjpck6xTzdE1krmn2Sem6hHuiWyf5sA5n%2FEsa9k%2FXFe6G1uKTBh1%2FAwlxE15o0V3H87ziqYFKY8tMNtw7UYFLcLXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
fjZ2NqDOYGG2AhRnEUCFpxNRjHEdVJdD3F1F1TO4_XI1XOT5miqR5Q==
expires
Wed, 22 Sep 2021 13:59:13 GMT
get
c.disquscdn.com/ Frame 9526 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
get
c.disquscdn.com/ Frame 9526 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fzameen-com-hacked.jpg&key=eE1u6TVhx6ZRYzTOq33RaQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2001851
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
20678
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuQwQSprIzHYrO7agIkDh784ZgcVBVqnrE1JzTJ2reD%2FZioPUGBX0LF5nPRsOYy6zdqyY0eQ1SUxC20ixDz72IidzkiJl1I3em%2FuCuB76j0zW%2BIwNlTqOJVyjQj58Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
R1PbCYb2L-erR9xhx_xpO67avmFAu4_g955cfRVTNf7pbbMAxYGdvw==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 9526 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnginx-php-fpm-hacking-exploit.jpg&key=FmmPpxDtKf3-7Od2A_FxeQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2004045
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
11150
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klWj6gx%2FnpeSvplluyPT5SZWZCAm364J07ixMRdKYczig49TK37%2BP%2FmUqcLUULY04fFmpbBJgOmnL2SDeegNuVpLmwK4SaFEx6nqlcnZMYrNgT2u1amWMhmuZm74hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
8R3usYIWJt6cI581ISI5eOwm961-8UjeDIhQ6SUakiXYk_mMk978eQ==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 9526 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fatm2bmalware.jpg&key=RW9S4XLIDRfebY7mlx4nnQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 16:05:19 GMT
via
1.1 9dfe528172e388251f8e164c4585ba91.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
392505
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
10800
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BaQyLA7NrkUMScj8b9mGRgjN0PqC3LS981EmTdcODZXDaUETYl81LzX42FjT%2F5E7nBgbzZsVIf1dkiu52TWgERa0Tm3jNZPMo1Amn%2F8j%2F7e%2BA0vO9SF0hZjbKQb0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
shFjJjqQY-ldtQcdi5b-Us1_1MmFxy0mTlwx37vH3nHBDH--bBooTw==
expires
Tue, 05 Oct 2021 16:05:19 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 44EC 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
sffe /
Resource Hash
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 08:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35070
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 08:39:03 GMT
iframe
accounts.google.com/o/oauth2/ Frame F230 		513 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f13.1e100.net
Software
ESF /
Resource Hash
cf2a787d02d55f53c9bc7afc9c1bbd09607676ef6d4fd53d3e3f2f33c879b1c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DPyZXM/Uhj5rmAnGKsvELA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
cookie
NID=223=t6H0Nj9lscFz-OmAJP5-EEfZ7OzCdcWBu8a-E84FHc0l_YNK2nkJp13pISw_mtSb92IRoIXgXsHeUfR_VNIyVSCarZW094EScFdHu59jpnE5Cn0hNZ4m3axYZQS2pkhZuXCX3c7Md5wWLV-ZdrmfXy7iJK8m9jrkEvC28I-wDGE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Sep 2021 05:07:05 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-DPyZXM/Uhj5rmAnGKsvELA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ping
links.services.disqus.com/api/ 		317 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
db14602ee127745c10e770de87385f7fe89fe8f3399f8339057d97a1f4af590a

Request headers

Referer
https://mrhacker.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:07:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
317
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:07:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		76 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
abbdecd37a8fb8bbd8b6bcf2a32288fa6aab4a0d0d71d46f8c475fc5307f3979

Request headers

Referer
https://mrhacker.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:07:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1x1.gif
i.jads.co/ Frame 6BA5 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
last-modified
Thu, 03 Mar 2016 18:47:18 GMT
etag
"1457030838"
x-hw
1631250425.dop033.am5.t,1631250425.cds207.am5.hn,1631250425.cds151.am5.c
content-type
image/gif
cache-control
max-age=24438840
accept-ranges
bytes
content-length
43
/
de.chaturbate.com/tours/3/ Frame 412B
Redirect Chain
  • https://chaturbate.com/in/?track=xdultchannel&tour=x1Rd&campaign=NcAyU&c=1&p=0&gender=f
  • https://de.chaturbate.com/in/?c=1&campaign=NcAyU&track=xdultchannel&gender=f&p=0&tour=x1Rd
  • https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
34 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.101.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550ceb05a502af0ce3dba761deaa8d73c974e8b3a2fafe7cc33da9938111054c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://txn.apac.paywithpoli.com https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

:method
GET
:authority
de.chaturbate.com
:scheme
https
:path
/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweredby.jads.co/
accept-encoding
gzip, deflate, br
cookie
__cf_bm=edTksf8gvl_n0Hi081CkQ4_HFL0DDekvjdZwjXc2H0U-1631250425-0-AUVKkYkfc9lHRaEhM2V8Z/nyI/tkOvITxV+n129yTl+cdwqFY9UMBXm090MtovPcW6DkS+Z3uoQaQ9UjE5rGG9g=; affkey="eJwdjEsOQDAQhq8isxZVK7FzAQuJA4xOxas0NaIi7i5j9/3PBzgsUCUQ6VzZjLhtdoU0ARwGsR3GGJ2lCYtclxJ4sQstGARHZn9USvn9ssFSf2cz0pGZXUmF/2/dkgjj/nFj6ruD9wP6OiP9"; sbr="sec:sbreca1f6f9-d0fc-48fc-8c13-fea2e637dfd3:1mOYkj:wA_kxMj0dbgp3VoNB90-8qdiaHw"; us_x1Rd=1; u_x1Rd=1; fromaffiliate=1; noads=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
content-type
text/html; charset=utf-8
cf-ray
68c621793d6532b2-CDG
cache-control
no-cache
content-language
de
set-cookie
stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=1\054aDBbcK=0"; expires=Sun, 10-Oct-2021 05:07:05 GMT; Max-Age=2592000; Path=/; SameSite=none; secure dwf_s_a=False; expires=Sun, 10-Oct-2021 05:07:05 GMT; Max-Age=2592000; Path=/; SameSite=none; secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie, Accept-Language
via
1.1 google
cf-cache-status
DYNAMIC
cf-ctrl
Z
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://txn.apac.paywithpoli.com https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
server
cloudflare
content-encoding
br

Redirect headers

date
Fri, 10 Sep 2021 05:07:05 GMT
content-type
text/html; charset=utf-8
location
/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
cf-ray
68c621783c9132b2-CDG
cache-control
no-cache
content-language
de
set-cookie
affkey="eJwdjEsOQDAQhq8isxZVK7FzAQuJA4xOxas0NaIi7i5j9/3PBzgsUCUQ6VzZjLhtdoU0ARwGsR3GGJ2lCYtclxJ4sQstGARHZn9USvn9ssFSf2cz0pGZXUmF/2/dkgjj/nFj6ruD9wP6OiP9"; Domain=.chaturbate.com; expires=Sun, 10-Oct-2021 05:07:05 GMT; Max-Age=2592000; Path=/; SameSite=none; secure sbr="sec:sbreca1f6f9-d0fc-48fc-8c13-fea2e637dfd3:1mOYkj:wA_kxMj0dbgp3VoNB90-8qdiaHw"; Domain=.chaturbate.com; expires=Wed, 05-Jun-2024 05:07:05 GMT; httponly; Max-Age=86313600; Path=/; SameSite=none; secure us_x1Rd=1; Path=/; SameSite=none; secure u_x1Rd=1; expires=Wed, 15-Sep-2021 05:07:05 GMT; Max-Age=432000; Path=/; SameSite=none; secure fromaffiliate=1; Domain=.chaturbate.com; Path=/; SameSite=none; secure noads=1; expires=Fri, 10-Sep-2021 11:07:05 GMT; Max-Age=21600; Path=/; SameSite=none; secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Language, Accept-Encoding
via
1.1 google
cf-cache-status
DYNAMIC
cf-ctrl
Z
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://txn.apac.paywithpoli.com https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
server
cloudflare
44426-1631220049-0933130001631220049.gif
i.jads.co/network/user3107/ Frame BD98 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user3107/44426-1631220049-0933130001631220049.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
417131dcf90116cd2d7f9cca0b1cd13a8c17e762148061a72f439058a49007b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
last-modified
Thu, 09 Sep 2021 20:40:49 GMT
etag
"1631220049"
x-hw
1631250425.dop033.am5.t,1631250425.cds207.am5.hn,1631250425.cds057.am5.c
content-type
image/gif
cache-control
max-age=31533377
accept-ranges
bytes
content-length
56791
1x1.gif
i.jads.co/ Frame BD98 		43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
last-modified
Thu, 03 Mar 2016 18:47:18 GMT
etag
"1457030838"
x-hw
1631250425.dop033.am5.t,1631250425.cds207.am5.hn,1631250425.cds151.am5.c
content-type
image/gif
cache-control
max-age=24438840
accept-ranges
bytes
content-length
43
30060-1552595227-0678462001552595227.gif
i.jads.co/network/user93261/ Frame 1F32 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user93261/30060-1552595227-0678462001552595227.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
bb5517c37e577c537ecf458b4562e6e83bf5cfc6e2124572dd4bbc7d1a8a4636

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
last-modified
Thu, 14 Mar 2019 20:27:07 GMT
etag
"1552595227"
x-hw
1631250425.dop033.am5.t,1631250425.cds207.am5.hn,1631250425.cds277.am5.c
content-type
image/gif
cache-control
max-age=31474375
accept-ranges
bytes
content-length
71018
1012384269-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame F230 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s03-in-f3.1e100.net
Software
sffe /
Resource Hash
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 18:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40580
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 16:34:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 18:02:38 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame F230 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f13.1e100.net
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 10 Sep 2021 06:07:05 GMT
21464-1532017580.gif
i.jads.co/network/user8968/ Frame 3DE3 		789 KB
790 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user8968/21464-1532017580.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d63cbf59894e3df660b7f0f04459c66e1e729795b979e0719dc97d86b9416faa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
last-modified
Thu, 19 Jul 2018 16:26:20 GMT
etag
"1532017580"
x-hw
1631250425.dop033.am5.t,1631250425.cds207.am5.hn,1631250425.cds234.am5.c
content-type
image/gif
cache-control
max-age=31244631
accept-ranges
bytes
content-length
808081
output.c49167668418.css
static-assets.highwebmedia.com/CACHE/css/ Frame 412B 		55 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024588a148fb5b2e0db55d1c71fd4e46d9271f21760e4d38633360922074f29a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1329971
cf-polished
origSize=67263
last-modified
Mon, 26 Jul 2021 19:40:01 GMT
x-amz-request-id
MVSNAS1C02WB3M9C
x-amz-id-2
/59FO7xKLtdlJ7pa4Y+68Qas/GwYGgwFq5QH/4uPmXb9Qu+1x023EpQo1ODfXkL4touJtoowksM=
cf-bgj
minify
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:c4f0cac6d5f4fc5aeb934c375924d954
etag
W/"c4f0cac6d5f4fc5aeb934c375924d954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akA6JqA%2FDiEkx8cqbPoj5TjsQ7duUod2nyK8XFSAgb0IzEXvxGEoeAQSb6LnwpXkKFW0ixEFwd57EUCIPkQ%2B%2FUSZTXHGQ7is69858GmFyc8SZhwu3T6c2%2B85EjtWeyXTT50shLif9u4GFQfHvj5k3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
68c6217b0fc932c2-CDG
expires
Sun, 10 Oct 2021 05:07:06 GMT
api.js
de.chaturbate.com/cdn-cgi/bm/cv/669835187/ Frame 412B 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.chaturbate.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.101.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kZSBYG%2Fl01Oc3kTppOFGVKeksxU4y6IH8l4865ql1bCI785cx0H7oqNhRR6pULRLu48JUgkLI%2B4hy8mpuskE%2BM8nIoMLKf6UYh7%2FrVuG4rnjIzFuzXZwQPkjO0Tu7jZkorX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
68c6217a6e7132b2-CDG
misscharlotte1.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 412B 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roomimg.stream.highwebmedia.com/riw/misscharlotte1.jpg?1631250420
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26102729b924252e6dea7d1b08f156ead3c95b454f57c8c51893c4763033ca1e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22
cf-polished
status=not_needed
vary
Accept-Encoding
content-length
10054
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJQFJ6HMh3Rss1XxIwEEoWyKaDmdE%2BKyuZP3U49h8gvTxAsJDpV9av4o3MNDgEAtc4ViKSFecLNasATQ3bmCCvVlJpH%2BNhywSvfbPy1emSRphkZhhzcbROh%2Bw80RRQZua1T8NdvS%2BfMNZX2c2CXX5C8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
68c6217acd7acdc3-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 10 Sep 2021 05:07:36 GMT
output.6f6724a00cb8.js
static-assets.highwebmedia.com/CACHE/js/ Frame 412B 		316 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6724a00cb858aa73759829289a3593ec992eb2ce720825bd2239e53dca4d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1979368
last-modified
Thu, 24 Jun 2021 21:24:05 GMT
x-amz-request-id
P0TSTCCHEKH3AQFE
x-amz-id-2
NWVhJwBKYoL24PHQnOFzxpQLalZE/DLGP59wGYXT+nln4aQdmIgPNqH72WEKShQqObEc5RyrvkI=
cf-bgj
minify
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:a708027bfbbde438a72a93082d4bc4b5
etag
W/"a708027bfbbde438a72a93082d4bc4b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPEa27BfvbyqZPCgUYRFc5K%2BlrDVLkwE2QpbmF2fcx0%2F7UIDcKSU%2FqY7A6pB4tmwJBDz91XasAE2N8KM1AtSD9ICfNXmfDnuPERxre%2B%2FzYdFhFVxoYjEd8suSqZMlZ%2BwEGI1xlFWFRW76cWJ3A9F0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
68c6217b0fcd32c2-CDG
expires
Sun, 10 Oct 2021 05:07:06 GMT
/
glitter.services.disqus.com/urls/ Frame 44EC 		754 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=mrhackerco&thread_id=8765559764&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
73e9e01edd781b24342aabe865aa7c3e3e63d3143afdc0c3135af3b7c92eae45
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 44EC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1631056800/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
120541
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-type
image/png
content-length
1644
x-amz-cf-id
ubKt7S8KHZN03wtHnkGCYvstiRZR3eESttQGFhbt-8eu18LRqmHs4w==
expires
Fri, 08 Oct 2021 19:38:05 GMT
event.gif
referrer.disqus.com/juggler/ Frame 44EC 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=1851&event=init_embed&thread=8765559764&forum=mrhackerco&forum_id=5865020&imp=13sia1df2j191&prev_imp&thread_slug=lockbit_ransomware_hacks_accenture_encrypts_2500_computers_steals_6_tb_of_data_and_demands_50_millio&user_type=anon&referrer=https%3A%2F%2Fmrhacker.co%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ Frame 412B 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6409
date
Fri, 10 Sep 2021 03:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 05:20:17 GMT
ico-female.svg
static-assets.highwebmedia.com/images/ Frame 412B 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818c9c4c368ff40bbc414f8bb3a80990c7208bcf0b45f9d9aa947f1ea2e1eb93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1728723
x-amz-request-id
5FKN5D674TNZXF62
x-amz-id-2
mSTdrj7ZDawPjRjU2oKpfNeWwM7PR237s2kHlWGWiJmf1D3ls7QI/lXJTYLHzZL7257XBOAG5D8=
last-modified
Tue, 09 Mar 2021 22:37:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:304b64c8f4b6c7e0c36c86b419151c45
etag
W/"304b64c8f4b6c7e0c36c86b419151c45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2cPejRFec4yHZcyCAez%2FhsjzBzeDDVuTJr8r4zqWyasz0tW8IQ2OWhbQOVI2vC1556boAovBDCwqybI9KYZz4KWU9XRvc08J7wPxpzDct6S4VhrR1Ud0iM3R70PuEKN3PgXUViKgSBp5PTFpIfFPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
68c6217b482832c2-CDG
expires
Sun, 10 Oct 2021 05:07:06 GMT
ico-cams.png
static-assets.highwebmedia.com/images/ Frame 412B 		549 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1728724
cf-polished
origSize=1457
cf-ray
68c6217b482a32c2-CDG
last-modified
Tue, 19 Jan 2021 22:03:22 GMT
content-length
549
x-amz-id-2
tIa2cISsLBiR+rL0sDD81vvMMWPZn86CFbbi3HNymRa7zRmn/mzhscZrwQfYsVq6gT4aFDKgIlA=
cf-bgj
imgq:100,h2pri,csam-hash
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:58ecd9d7af4908cce84eccd4cbd6f0d0
etag
"58ecd9d7af4908cce84eccd4cbd6f0d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ6KywRuVAT29wbkS%2FNmtTPy7Kw5n%2FjGUbtX%2Fi9uM3BYB7%2FsEHj%2Bkqj%2Bj7dgors%2BIucl92nUXupG5fWJ%2BViLazSl991oTJvTHiX2GQc8zjppRUWOZwtnO3HkgnIe6GrzVEa9xZMLEfsQw9FPzrh0Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
492K2SR8PQK5E026
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
expires
Sun, 10 Oct 2021 05:07:06 GMT
ubuntur-webfont.woff
static-assets.highwebmedia.com/fonts/ Frame 412B 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d

Request headers

Referer
https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Origin
https://de.chaturbate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1979706
access-control-allow-methods
GET
x-amz-request-id
CMHWY4PQ5574RRAS
x-amz-id-2
MP09++orFvEalvNFFQirPGuYsJa+zypc8Bb1YlnT8uYZqOrUleAwGap62ihFQLOlVCTe5eH8q88=
last-modified
Tue, 19 Jan 2021 22:07:55 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:30556905d926944a6ada140546bcf5ce
etag
W/"30556905d926944a6ada140546bcf5ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzSj3l3QOZMfLg5vC8YbEiJGitNTPj4vS%2BPzKPk6ZSDRXwSPpDSZqasRdvvPQ0eDsP5gyCOjzuWuXmvbJSsFI0SN16D5p%2FFN470eGsmm4yF9iui3v7zRUha9Hcr6HcrSyY6TDbr8Ww9MZwThQ%2F29xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
68c6217b7d383b8b-CDG
expires
Sun, 10 Oct 2021 05:07:06 GMT
ubuntum-webfont.woff
static-assets.highwebmedia.com/fonts/ Frame 412B 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e

Request headers

Referer
https://static-assets.highwebmedia.com/CACHE/css/output.c49167668418.css
Origin
https://de.chaturbate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958459
access-control-allow-methods
GET
x-amz-request-id
WXBRTMHQAHPMJYPY
x-amz-id-2
xoNbu8XkoreW9u1JtwUn1qxKHmUyoA7ePZpPiFYiQHPwZv2frwSIjxHFf64U3gmUbsd3hGIerbE=
last-modified
Tue, 19 Jan 2021 22:07:54 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:9968f3d2a16c9ae20a54d0e44ee83d3a
etag
W/"9968f3d2a16c9ae20a54d0e44ee83d3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySaAgAGT7nXsI%2BMZE8E8%2BbRLD%2FKRu3fPE%2BiKjkGq%2BriqU56hl%2FO%2BIS7vgsnOBOQ53h4UFZNH2Hh6S%2Beu0lmnh1Y%2BDot4tYvyw3M%2B18XyAZTocA%2Ff9fAduPPGsI817Eu6OhIq3ONsnmZXdrGB8hNoDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
68c6217b7d393b8b-CDG
expires
Sun, 10 Oct 2021 05:07:06 GMT
pixel
fcmatch.youtube.com/ Frame D731
Redirect Chain
  • https://ejp.rlcdn.com/501709.html
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCPrP64kGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWcyM2FEaWs1dVM1MkNEd2VEZk1xNWFWSGxRemdtY05Pb2RRMWlHaHVRMA==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AA...
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvj...
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrv...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
fcmatch.youtube.com
:scheme
https
:path
/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
image/png
date
Fri, 10 Sep 2021 05:07:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqOzVaLCmo0dbTX2Tep72G1j-d7cHJZKnv6vmUBw011PFX1NZ2eeaCW-_GEmQEt66Qrq8YIUkr-3A69XsmHu2nKJKRuYn6Mvv7WVTa5uZswqXav0NuzKYC7xB_3qXg-4xXPyVdqcqPgv6NTORhrvjRO_pQOWQ
date
Fri, 10 Sep 2021 05:07:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
403
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.html
live.rezync.com/ Frame 3FC0 		507 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qn4bu2ib5tep&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-95.lhr61.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
ebb4523e6fd25957b910c11b5ba68dfa98ff1a2f6c84af1454d31a4bb56c59f3

Request headers

:method
GET
:authority
live.rezync.com
:scheme
https
:path
/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qn4bu2ib5tep&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
text/html; charset=utf-8
content-length
507
date
Fri, 10 Sep 2021 05:07:06 GMT
server
lighttpd/1.4.33
set-cookie
zync-uuid=9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3:1631250426.28; Domain=rezync.com; Expires=Tue, 08-Mar-2022 22:07:06 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVyrEKgzAUQNFfKW920GgXoUPBdGoUixBeF6kabKKmapKhEf-9drsXzgb1LNbppYW2kNrViQDaUR5nIN2gk2ZxR0EbxYtOGkdkc7Zihj0AI4yRH13L7i9PzaEKfhtZhkmeoc39e2AyDJGX8Z1TglVvGXkMWJXRk1OPE_WFooR5-s2ra8gUOqb6C-z7D9ozMfU.FBx5eg.iXhYdjsd7sdZZ8inkMppcjjqNPs; Expires=Wed, 09-Mar-2022 05:07:06 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache
Miss from cloudfront
via
1.1 c50e6c45c49371a5ebc690255500593d.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
4zMF_UqK6Nax0akSWp5zrI64QqPXKfo7VpQG29c4JBUgcT1W_RCiQA==
/
io.narrative.io/ Frame 44EC
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac13qn4bu2ib5tep
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep
  • https://io.narrative.io/?io.narrative.guid.v2=f189b8f0-11f4-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=f189b8f0-11f4-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.127.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=f189b8f0-11f4-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qn4bu2ib5tep
Date
Fri, 10 Sep 2021 05:07:06 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame 44EC
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data...
  • https://io.narrative.io/?io.narrative.guid.v2=f1860f70-11f4-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-h...
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=f1860f70-11f4-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.127.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=f1860f70-11f4-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac13qn4bu2ib5tep&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Date
Fri, 10 Sep 2021 05:07:06 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
result
de.chaturbate.com/cdn-cgi/bm/cv/ Frame 412B 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.chaturbate.com/cdn-cgi/bm/cv/result?req_id=68c621793d6532b2
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.101.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-NewRelic-ID
VQIGWV9aDxACUFNVDgMEUw==
tracestate
1418997@nr=0-1-1418997-24506750-db6292d0b0330ca0----1631250426185
traceparent
00-76361641845e8f603f3de2395a450720-db6292d0b0330ca0-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE0MTg5OTciLCJhcCI6IjI0NTA2NzUwIiwiaWQiOiJkYjYyOTJkMGIwMzMwY2EwIiwidHIiOiI3NjM2MTY0MTg0NWU4ZjYwM2YzZGUyMzk1YTQ1MDcyMCIsInRpIjoxNjMxMjUwNDI2MTg1fX0=
Content-Type
application/json
Referer
https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd

Response headers

date
Fri, 10 Sep 2021 05:07:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSsmI5VzPhgjWTzwoXiE1gB7pW6Focm7V5LHeMSoMYKjcLpC6F5o72SkN%2BuVts2REzffC%2FUQoZVOZEeYf%2BTO1CTB2jBDa92JoSTybBaDiX%2Ff9ihGJD7EMwKhBQ159r1B8c2S"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
68c6217bcff532b2-CDG
nr-spa-1210.min.js
js-agent.newrelic.com/ Frame 412B 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding
gzip
etag
"d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id
B8QMTPR75V5Z4GRG
x-cache
HIT
content-length
15563
x-amz-id-2
tKCNGqOtFrX1wcERsjXgFggUdx1CsHy3qifsNvKr4XioQUExnWtpuimFq6jyo1VQiJpt8e5OkJA=
x-served-by
cache-hhn4080-HHN
last-modified
Tue, 22 Jun 2021 22:47:08 GMT
server
AmazonS3
x-timer
S1631250426.232734,VS0,VE0
date
Fri, 10 Sep 2021 05:07:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5088
6f524845d1
bam-cell.nr-data.net/1/ Frame 412B 		49 B
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/6f524845d1?a=24279235&v=1210.e2a3f80&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1123&ck=1&ref=https://de.chaturbate.com/tours/3/&ap=24&be=862&fe=1089&dc=997&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1631250425120,%22n%22:0,%22f%22:666,%22dn%22:666,%22dne%22:666,%22c%22:666,%22ce%22:666,%22rq%22:667,%22rp%22:845,%22rpe%22:848,%22dl%22:850,%22di%22:997,%22ds%22:997,%22de%22:997,%22dc%22:1088,%22l%22:1088,%22le%22:1089%7D,%22navigation%22:%7B%7D%7D&at=H0ETGw9CEwBfVg89BQgCAUoXAxMgf3YvTisrMDIbGRtEAG5dBBQKBwY5TUxJVEMLGwUHEA8XCUkXFRMSWE0EPQoAQVwIGRtYEW5XBBYUCxENGw8bQwRdUAAADwELCUpBUF8GH1oOD0FIQQ9JalhCDxMDV1BVUVJKG1BVWAZYWw0HPBcTClBBZkUEQk0SQFlGQyJKVk9DIwAZJREAEhEkCxV9QgJHSyNRQyAQBU9HewVBExVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPRExUZl4Sbk8EEBANDAgbDxsAURMVQwAGFxc5XkBcQhJuXgQNQV5BInwXFRMIQWYCDRYKFxRAFwMTJXQbTUAGCAoBUFdVVD5CSQ0LFzsXA0pBSm4PQhtbQEMAChVaWk9UE0hmEQMEAUNEFRdaXg1eSz4PDAAGRAMXVVgGWU0MDQcBQUobQEpUE25QBUBZVE9EUEVmWBJBG1tALQEXFktaTVQCRRtNQBEBEhNcRk1uCV5KFUBZRgcDF1ZRUBVESwMDFwFNBVZYGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJUBNQVBJAWUYYOhtWZRNbEWVDUz9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtSXF8FVEs9QFlEP0RfaRsdQW0bBQsQBQEKXGpKXhRfXT1AWUQ/RAlpGx1BbRsRPkFeQzobBWUTTRFlQxYMERE6Gw8ZbUNJCDMGP0YeRBUXUEE%2BUEoPPQwWBEQDF3d0NWFrLjYmJzdLDwcPBFATFUMXAjsMFWZTWFwIXUBDWEEzCghdWk5CQx0bFBEGFg0HVFAbC0NuZgAMDAo8ORsZG3InbnsOFiYcFxRYFwMTB1BVEgdPAgIKSlAbHUNyfz4gDBBBXAAGFRMUUGYDEAwTEANLak9UE0JQDgxBXkFfCxsJH1UECFRAT0YKFmZWVkQPRUsYPQALDQBQUVxfAlQbW0BaVEFKG0dcUA1uUBFAWUZRVw8bCAJQHwhQU01VVFIbGRtTE15OEgcROwoCGw8bVAJQCAdUBV1OAglTWhxVCV8CT1sHUlUUU1xQU1QPUlUHAgdVGxkbWBFuWg4MDQEAElBaV24VSEkEQFlGIAlLRVZDAEVcQ05BEQI5XVBPWAJUZgcDDg0PHxsPG34VWVwTQE9GAgVNXE9UPkJJDQsXOxcDSkFKE1sTGSURABIRJAoVGx1DQ1wHBxEBEUQDF1FFFUFKW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DRlU%2BCgwXF0QDF11UT1JRABYWFgEHTVAXUg5cG01AEQESE1xGTW4RUE0JQFlGTBJWQEtCTgIWQ05BFwoBV0BJbgVQTQRAWVRPRFtQSkU%2BVkwEERA7ChYbDxsDUAcXUFFSSlJXCBsIBlUTFUMLEzsWFVxHZkUYQVxDWEEMDBVNXFdWQx0bCBI8CxEBWFtQSwBFUA4MQV5BKFxBSUMORVwCFkFIQQFQQWZSDlxUCBZBXkEADg0PBlcBAAMABgBBShtAWG4SRUsIDARGWUR0WkNYDV1YTldNVENOblxXVQ5GSkEsN0RSVhcFAhE2WFdXVlhEG1ANHBlwEUFVBDUGBigPTRoMAlYfCldCSy8rMnR5FRENWFIEQiQBAA1WHBlyCUNWDAdMXVFICRsNBFAEF1BXWkQwB19US1hOBApWTFBSQUobdn9uM1BAQ1hBUlsFDwcIBlgFDwQBUFYBVBR2fXZDHRsUAzwGEQlORlxDPldYDAsPHUFcG3ZRQw5cXEMfHg%3D%3D&jsonp=NREUM.setToken
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVXCgYEXVFVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoFC10NVnRMB05WAhtDUwZbClYFUlNRVFJTUQQGCkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
68c6217c5a1b3b7f-CDG
501709.gif
idsync.rlcdn.com/ Frame 3FC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=6030769929203125969
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3%3A1631250426.28&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc13qn4bu2ib5tep
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep
0
0
501709.gif
idsync.rlcdn.com/ Frame 3FC0
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3%3A1631250426.28&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316022945603513
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep
0
0
6f524845d1
bam-cell.nr-data.net/events/1/ Frame 412B 		24 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/6f524845d1?a=24279235&v=1210.e2a3f80&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1306&ck=1&ref=https://de.chaturbate.com/tours/3/
Requested by
Host: de.chaturbate.com
URL: https://de.chaturbate.com/tours/3/?c=1&campaign=NcAyU&gender=f&disable_sound=0&p=0&tour=x1Rd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://de.chaturbate.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 10 Sep 2021 05:07:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://de.chaturbate.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
68c6217d3b3a3b7f-CDG
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929956
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929973
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929979
Domain
syndication.twitter.com
URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1631250424436%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22no-results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227f387e8%3A1629148491542%22%2C%22item_ids%22%3A%5B%221425447533598453760%22%5D%2C%22item_details%22%3A%7B%221425447533598453760%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929967
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/501709.gif?partner_uid=c13qn4bu2ib5tep

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect boolean| originAgentCluster string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery function| gtag object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| disqus_shortname string| disqus_title string| disqus_url string| disqus_identifier object| addComment function| ResizeSensor object| __twttrll object| twttr object| __twttr object| monarchSettings object| NiceScroll object| jQuery11240668038072833236 function| retinajs function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| boxzilla_options object| Boxzilla object| google_tag_manager function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data string| GoogleAnalyticsObject function| ga function| disqus_config object| DISQUS function| disqus_recommendations_config function| addEvent function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| gaplugins object| gaData object| DISQUS_RECOMMENDATIONS boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16312504244686 object| vglnk undefined| vglnk_16312504249697 undefined| vglnk_16312504250559

26 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mrhacker.co/ Name: __gads
Value: ID=c212b0a685cd7706-22e84ff70bc90007:T=1631250423:RT=1631250423:S=ALNI_MaPpeMt_KQYEpG14KM6ORt34LiWDg
.mrhacker.co/ Name: _ga
Value: GA1.2.1351541086.1631250424
.mrhacker.co/ Name: _gid
Value: GA1.2.168649279.1631250424
.disqus.com/ Name: disqus_unique
Value: 13qn4bu2ib5tep
disqus.com/ Name: __jid
Value: 13qn3sj29iamr9
.google.com/ Name: NID
Value: 223=t6H0Nj9lscFz-OmAJP5-EEfZ7OzCdcWBu8a-E84FHc0l_YNK2nkJp13pISw_mtSb92IRoIXgXsHeUfR_VNIyVSCarZW094EScFdHu59jpnE5Cn0hNZ4m3axYZQS2pkhZuXCX3c7Md5wWLV-ZdrmfXy7iJK8m9jrkEvC28I-wDGE
.chaturbate.com/ Name: affkey
Value: "eJwdjEsOQDAQhq8isxZVK7FzAQuJA4xOxas0NaIi7i5j9/3PBzgsUCUQ6VzZjLhtdoU0ARwGsR3GGJ2lCYtclxJ4sQstGARHZn9USvn9ssFSf2cz0pGZXUmF/2/dkgjj/nFj6ruD9wP6OiP9"
.chaturbate.com/ Name: sbr
Value: "sec:sbreca1f6f9-d0fc-48fc-8c13-fea2e637dfd3:1mOYkj:wA_kxMj0dbgp3VoNB90-8qdiaHw"
de.chaturbate.com/ Name: us_x1Rd
Value: 1
de.chaturbate.com/ Name: u_x1Rd
Value: 1
.chaturbate.com/ Name: fromaffiliate
Value: 1
de.chaturbate.com/ Name: noads
Value: 1
de.chaturbate.com/ Name: stcki
Value: "pOtSwZ=0\054FqPd9a=0\0546pduSG=1\054aDBbcK=0"
de.chaturbate.com/ Name: dwf_s_a
Value: False
.chaturbate.com/ Name: __cf_bm
Value: QVac.GBay4NFWXvRYXf._OonVXTEw8cTGLOf36CDGco-1631250426-0-AcdELIrR42XbDWlhzhnkK1fyNX8G2s5UsUutn0WZVEAQDfCZMBqQwnEvzJJmIBAfkY4dAdNmL+VKRsNquGwXdhDejTqyY59YfAMJNbNvXQ9GfmRoiib5wYXs/HWYvkklTIh0NWX4pV5dIg+ZH2ON74MU8VBlejzcR+Z1gQ2g7had
.rlcdn.com/ Name: rlas3
Value: wd57TLlH9IOEnYJC+RzB8FQ6KoTTiMeFuiQ6CAUOWKs=
.rlcdn.com/ Name: pxrc
Value: CPrP64kGEgUI6AcQABIGCL+2KxAA
.rezync.com/ Name: zync-uuid
Value: 9ae06846-78d2-4ad7-a6a8-3dda45ea3ba3:1631250426.28
live.rezync.com/ Name: sd-session-id
Value: .eJwVyrEKgzAUQNFfKW920GgXoUPBdGoUixBeF6kabKKmapKhEf-9drsXzgb1LNbppYW2kNrViQDaUR5nIN2gk2ZxR0EbxYtOGkdkc7Zihj0AI4yRH13L7i9PzaEKfhtZhkmeoc39e2AyDJGX8Z1TglVvGXkMWJXRk1OPE_WFooR5-s2ra8gUOqb6C-z7D9ozMfU.FBx5eg.iXhYdjsd7sdZZ8inkMppcjjqNPs
io.narrative.io/ Name: io.narrative.guid.v2
Value: f189b8f0-11f4-11ec-a833-0aa6849ebafd
.adnxs.com/ Name: uuid2
Value: 6030769929203125969
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMrI0MTUzMDY1NBbiM9TNMkr0i4wy9QrNjQqS4jU0MzY0MjUwMTIzMTYFACXWrUo0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMrI0MTUzMDY1NBbiM9TNMkr0i4wy9QrNjQoCAPy_cmolAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAAXBwRHAIAwDsE_XSQ-cYALbmAuLdPJK34Ol25hBm1mwUE0TleZVinHlR747vWO0AF_kD5uZTQA1AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAEXHuRGAMAwEwAqIXIcY6_FZ0M155IYIqZaQzfZpdnF3ZEBmlkmwphBM8SrG2PRFvxWuNnoYTsu3Hf-h_gH0j5ioRQAAAA

15 Console Messages

Source Level URL
Text
network error URL: https://ad.a-ads.com/1313465?size=728x90
Message:
Failed to load resource: the server responded with a status of 577 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423369&bpp=5&bdt=5262&idt=284&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7590584911786&frm=20&pv=2&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BXZJVSGAEG&p=https%3A//mrhacker.co&dtd=292
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423374&bpp=1&bdt=5266&idt=341&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=gNEuJPMBF1&p=https%3A//mrhacker.co&dtd=346
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250423&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250423375&bpp=2&bdt=5268&idt=359&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=7590584911786&frm=20&pv=1&ga_vid=1351541086.1631250424&ga_sid=1631250424&ga_hid=1437038971&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C31062297&oid=3&pvsid=3716145172322612&pem=339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Sm9bps8Od1&p=https%3A//mrhacker.co&dtd=362
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1425447533598453760&lang=en
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://fcmatch.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
ad.a-ads.com
adservice.google.com
adservice.google.de
adsxyz.com
apis.google.com
bam-cell.nr-data.net
c.disquscdn.com
cdn.syndication.twimg.com
cdn.viglink.com
chaturbate.com
clipsex.online
cm.g.doubleclick.net
connect.facebook.net
de.chaturbate.com
disqus.com
egirlgirl.com
ejp.rlcdn.com
fapbest.com
fappinghd.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
googleads.g.doubleclick.net
i.jads.co
idsync.rlcdn.com
io.narrative.io
jav1080.com
javbest.co
js-agent.newrelic.com
links.services.disqus.com
live.rezync.com
mrhacker.co
mrhackerco.disqus.com
netdna.bootstrapcdn.com
noticiasseguridad.com
nude-hot.com
null88.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
pagead2.googlesyndication.com
partner.googleadservices.com
phancongkhanh.com
platform.twitter.com
pornbebes.com
porns.photos
poweredby.jads.co
referrer.disqus.com
roomimg.stream.highwebmedia.com
secure.gravatar.com
sex4viet.com
ssl.gstatic.com
static-assets.highwebmedia.com
static.a-ads.com
syndication.twitter.com
thesexscene.com
tongdongkhue.com
www.effectivedisplayformat.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.securitynewspaper.com
xdultchannel.com
idsync.rlcdn.com
poweredby.jads.co
syndication.twitter.com
104.16.163.13
104.16.94.42
104.18.10.207
104.18.101.40
104.19.241.83
104.21.21.162
104.21.235.52
104.21.25.241
104.21.3.136
104.21.4.127
104.21.59.46
104.21.60.175
104.21.62.171
104.21.64.18
104.21.88.2
104.244.42.200
142.250.74.109
142.250.74.110
142.250.74.130
142.250.74.131
142.250.74.138
142.250.74.142
142.250.74.46
142.250.74.66
142.250.74.98
148.251.1.246
151.101.112.134
151.101.112.64
151.101.114.137
151.101.114.49
151.101.128.134
162.247.243.146
172.217.21.163
172.67.147.50
172.67.164.18
172.67.164.36
172.67.175.114
172.67.204.82
172.67.208.52
172.67.213.190
173.255.249.236
185.60.216.19
185.60.216.35
185.94.236.246
192.0.73.2
192.124.249.55
192.229.233.25
192.243.59.12
216.58.207.232
216.58.211.2
34.250.127.107
35.244.174.68
54.76.227.154
69.16.175.10
93.184.220.70
99.86.116.33
99.86.116.95
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
024588a148fb5b2e0db55d1c71fd4e46d9271f21760e4d38633360922074f29a
0683a1add44ec1b469bed17240e847c6b1bf0746e7ee287f9b9b33cb5adbf8fc
07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
12f6bc9b28e5238dbfcf8d8b3027024e97e1c92888e387aa57808e282528256c
14ee10387bd3e877794228db2892115d6be65ed86de5da64dd94a66710418ac2
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f
189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851
1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326
227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
23784bc09df3bf670e055d89cac3953bec965fd2798e7ceea9bc0751f8c3f7c8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26102729b924252e6dea7d1b08f156ead3c95b454f57c8c51893c4763033ca1e
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
28cad4d2706759da473a781f88e9a39db97003858b646a2d30e87a3ca49b1291
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
305daef39f0eeb367fac9fed5f4ecdd67cc9fcce8b0b5e90484c4fffa6a5444e
3085fce880c4fead5c7a600c73bb559d58f3ee5a894e4d32a8407c20061045f7
34be9c92d57ca29addff71fb9cd4e9b8dc985bb5efa65bb1d44741b78913d004
34eef18721ad9fb3e5cd9a4b1cf747ae67779d00ba8dd543683abcab5612e097
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
417131dcf90116cd2d7f9cca0b1cd13a8c17e762148061a72f439058a49007b0
41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b
421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0
460ae51398ed855ccda6738a02de06edc882e5d85f643d3d793fee9bda6e9781
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
4cffc9fd54d6c8feaa9ae31753f2aea39f5c3c5ed7e30da1da398946ac0096b5
4e8535a88d619b2912d96dbcc3d7cfc29b2fcee30cf338af808c41dfce0c0aa3
4fd742be38ac199103233a2941007f4a6f1c4b39090ea67b23ce0da8fcc3f1b1
5074a59b6249ed4ff9c12862d43a0b8668a47832ac5cf4762788878628030275
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
536f9d0e99ffd16f186508e7d9840e5c97c5d10e62755549772d10a150c13828
550ceb05a502af0ce3dba761deaa8d73c974e8b3a2fafe7cc33da9938111054c
553d3982d9f510a165f384512122570431df82d015502771e79b9823a805d94f
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
65374b2938dd614dff5073c58272259c9d1b3f966f25ed74b5c619360d6b3b51
65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab
669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a
66adfd9392bf49bf0157e17151474cb7c64ea79f69c4ddb49222a31e85ec316c
676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b
6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae
6f6724a00cb858aa73759829289a3593ec992eb2ce720825bd2239e53dca4d3f
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
735390a173579c143e2936e08e55c4d274a0bd12a4417a76a5a46dc399c47b2c
73e9e01edd781b24342aabe865aa7c3e3e63d3143afdc0c3135af3b7c92eae45
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
781e8f9c4513bc8da98aa3ff8d846d03a0727bde47ee00002d2de1c1f70cf6e4
78c79e23d01338e445396a10bd38a3fe925037dd6986d5cb1d3894e920292ca6
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7f7e5b7357faea48e8742fb8535313bd5f478e1b9947bc15644ce183d56dc9d7
818c9c4c368ff40bbc414f8bb3a80990c7208bcf0b45f9d9aa947f1ea2e1eb93
8208bfc115f6706dd34d4912eb29e2ad3f98a9d1d0cff0e962ae28b446f73e7e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fc553e158247ab66c00705075038b54b65b0d57cf7f959415d01508831ab54f
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9
a2248e33b59316bddc605ad6900d7ff85899738c99170c6a8355712b97582661
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e
abbdecd37a8fb8bbd8b6bcf2a32288fa6aab4a0d0d71d46f8c475fc5307f3979
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a
b1c6de876f936b993353635b9644e18e428e1fd7cb629804410064a7a76fc38c
b4b322a1c204d7612c309926c7f9eb95d2c87a7ed5dcfa40ccb9ff633b476d70
b61df0fc2c152857b8b8a83ba6cd2090d8aadca63d178fcfc7c3348c517a5861
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5517c37e577c537ecf458b4562e6e83bf5cfc6e2124572dd4bbc7d1a8a4636
bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139
c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8433d71525148c4a1b61549a8bff4a3091c6b29e40a77f150abd0a550586c98
c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d
ca9c2a4d4a9f426ff1d084e5c2d21d29204aa72045e0406225f02e82e75d6670
cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8
ce5e06b88f576dd0ddf5693390149a7264893d1bb9e5fd3285e8a64c3841794e
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
cf2a787d02d55f53c9bc7afc9c1bbd09607676ef6d4fd53d3e3f2f33c879b1c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
d1620b335106648e07549c61c2ad16e8522e7a62c65d29869fb33071cee62060
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
d63cbf59894e3df660b7f0f04459c66e1e729795b979e0719dc97d86b9416faa
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da219bb96735df3f7e25c37d5e597a3a1296f3689a8cbccb60e92cb58b3afecb
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db14602ee127745c10e770de87385f7fe89fe8f3399f8339057d97a1f4af590a
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e15fa8b31f370b5358ecd7bb58d2035def976deec92337bc9c76293e377c52fc
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16
e32c2b4173888243555c41b68a80f48a4aa18847d10a465c029db6042d52ea5c
e33ab36f8dd445e60f43e39b3a4d37f0eeb91647d65a665e0e1cf15d5a76b91c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738
e7fecca72827ce8c5a96210fa24127e276ddbd52856b9e07a1c51752e111691c
ebb4523e6fd25957b910c11b5ba68dfa98ff1a2f6c84af1454d31a4bb56c59f3
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
f15bf7b7bffb21d686d5cfff04ee3d8dd0a6c8caf742b375897d43a709ed78ee
f2bd3b8efd0335c133b5427ed54e08d10a89f13714e22916fe79219a1a1f3150
f2f7c7d3f411947762dedb0f0557a9eba5d8fbfdce49a3ed2b8794a9fcec544b
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b
f64f60433b4f5da1b4da833c5107f1706b4dc066e99c0e77be10c8347357c6bd
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f953f0067679d91921ab7dba0e7da174c7c2b0256d97329535690e1a148b86c8
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175
ffe4bb4cb364bdafa7922232219191f095cf7ff16ad22b9b679c284632248165