urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Submission: On June 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 7 countries across 47 domains to perform 296 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.59.209 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
39 104.24.0.61 13335 (CLOUDFLAR...)
10 2a04:4e42::645 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2.18.232.15 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:200... 16509 (AMAZON-02)
7 35.226.36.58 15169 (GOOGLE)
1 13.35.253.108 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.35.253.27 16509 (AMAZON-02)
1 104.24.1.61 13335 (CLOUDFLAR...)
11 216.58.206.2 15169 (GOOGLE)
2 13.35.253.107 16509 (AMAZON-02)
1 2600:9000:204... 16509 (AMAZON-02)
1 54.175.89.167 14618 (AMAZON-AES)
1 23.227.137.154 55081 (24SHELLS)
3 35.188.71.214 15169 (GOOGLE)
1 13.35.253.51 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a05:f500:10:... 14413 (LINKEDIN)
2 151.101.1.140 54113 (FASTLY)
2 34.230.118.21 14618 (AMAZON-AES)
19 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.162 27281 (QUANTCAST)
2 2.18.235.93 16625 (AKAMAI-AS)
1 3 96.17.200.131 16625 (AKAMAI-AS)
1 2.18.234.163 16625 (AKAMAI-AS)
2 54.173.215.67 14618 (AMAZON-AES)
2 7 173.241.240.220 36089 (OPENX-AS1)
1 34.195.70.133 14618 (AMAZON-AES)
3 2a03:2880:f02... 32934 (FACEBOOK)
26 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:204... 16509 (AMAZON-02)
1 2 216.58.208.38 15169 (GOOGLE)
1 52.19.153.98 16509 (AMAZON-02)
3 2a03:2880:f12... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
14 3.81.251.174 14618 (AMAZON-AES)
15 54.76.31.118 16509 (AMAZON-02)
1 18.184.23.97 16509 (AMAZON-02)
2 2a02:fa8:8806... 25751 (VALUECLICK)
2 35.202.179.74 15169 (GOOGLE)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.33.223.83 29990 (ASN-APPNEXUS)
8 213.19.162.21 26667 (RUBICONPR...)
6 52.59.128.192 16509 (AMAZON-02)
2 35.203.66.107 15169 (GOOGLE)
1 34.198.121.89 14618 (AMAZON-AES)
2 34.203.142.219 14618 (AMAZON-AES)
2 104.75.172.253 16625 (AKAMAI-AS)
5 208.100.17.182 32748 (STEADFAST)
1 1 13.35.253.55 16509 (AMAZON-02)
1 2 52.59.149.28 16509 (AMAZON-02)
2 4 173.241.240.143 36089 (OPENX-AS1)
1 2 104.17.119.107 13335 (CLOUDFLAR...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 104.111.230.142 16625 (AKAMAI-AS)
1 54.231.32.98 16509 (AMAZON-02)
1 52.86.200.205 14618 (AMAZON-AES)
296 70
1    104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepingcomputer.com
4    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
39    104.24.0.61 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
10    2a04:4e42::645 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
i.connatix.com
1    2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
5    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
7    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    2.18.232.15 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-15.deploy.static.akamaitechnologies.com
s9.addthis.com
m.addthisedge.com
s7.addthis.com
2    2606:4700:20::6819:c072 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
9    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:200c:600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
1    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2600:9000:200c:aa00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.quantcast.mgr.consensu.org
7    35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com
c.pub.network
1    13.35.253.108 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-108.fra6.r.cloudfront.net
freestar-io.videoplayerhub.com
3    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    13.35.253.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-27.fra6.r.cloudfront.net
audit.quantcast.mgr.consensu.org
1    104.24.1.61 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
11    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
securepubads.g.doubleclick.net
2    13.35.253.107 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-107.fra6.r.cloudfront.net
ad-delivery.net
1    2600:9000:2043:6e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
1    54.175.89.167 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-175-89-167.compute-1.amazonaws.com
core.connatix.com
1    23.227.137.154 (Piscataway, United States)

ASN55081 (24SHELLS - 24 SHELLS, US)
s.adtelligent.com
3    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
1    13.35.253.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-51.fra6.r.cloudfront.net
api.quantcast.mgr.consensu.org
2    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
2    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
2    151.101.1.140 (United States)

ASN54113 (FASTLY - Fastly, US)
www.reddit.com
2    34.230.118.21 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-230-118-21.compute-1.amazonaws.com
rtb.connatix.com
19    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    91.228.74.162 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
2    2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
3    96.17.200.131 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a96-17-200-131.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
2    54.173.215.67 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-215-67.compute-1.amazonaws.com
trk.connatix.com
7    173.241.240.220 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org
connatix-d.openx.net
freestar-d.openx.net
1    34.195.70.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-70-133.compute-1.amazonaws.com
cluster-ca.cdnjquery.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
26    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    2600:9000:2043:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
2    216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f6.1e100.net
ad.doubleclick.net
1    52.19.153.98 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
5    2a00:1450:4001:809::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
amp-error-reporting.appspot.com
14    3.81.251.174 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-81-251-174.compute-1.amazonaws.com
ssc.33across.com
15    54.76.31.118 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    18.184.23.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-23-97.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    2a02:fa8:8806:13::1460 (Sweden)

ASN25751 (VALUECLICK - Conversant, Inc., US)
web.hb.ad.cpe.dotomi.com
2    35.202.179.74 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 74.179.202.35.bc.googleusercontent.com
ssp.pub.network
4    2606:4700:10::6814:8528 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
i.connectad.io
cdn.connectad.io
2    185.33.223.83 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
6    52.59.128.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    35.203.66.107 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 107.66.203.35.bc.googleusercontent.com
dmx.districtm.io
1    34.198.121.89 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-121-89.compute-1.amazonaws.com
display.bfmio.com
2    34.203.142.219 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-142-219.compute-1.amazonaws.com
sync.bfmio.com
2    104.75.172.253 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-75-172-253.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    208.100.17.182 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip182.208-100-17.static.steadfastdns.net
de.tynt.com
1    13.35.253.55 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-55.fra6.r.cloudfront.net
ib.3lift.com
2    52.59.149.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-149-28.eu-central-1.compute.amazonaws.com
eb2.3lift.com
4    173.241.240.143 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
eu-u.openx.net
2    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
biddr.brealtime.com
edba.brealtime.com
2    2606:4700:30::681c:13e8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.districtm.io
1    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    54.231.32.98 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    52.86.200.205 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-200-205.compute-1.amazonaws.com
rtb.connatix.com
Apex Domain
Subdomains		 Transfer
40 bleepstatic.com
www.bleepstatic.com
363 KB
26 ampproject.org
cdn.ampproject.org
670 KB
26 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
326 KB
18 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
130 KB
16 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
rtb.connatix.com
i.connatix.com
trk.connatix.com
585 KB
15 gumgum.com
g2.gumgum.com
7 KB
14 33across.com
ssc.33across.com
7 KB
14 pub.network
a.pub.network
c.pub.network
d.pub.network
ssp.pub.network
219 KB
11 openx.net
connatix-d.openx.net
us-u.openx.net Failed
freestar-d.openx.net
eu-u.openx.net
4 KB
9 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
17 KB
9 gstatic.com
fonts.gstatic.com
98 KB
7 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
vendorlist.consensu.org
api.quantcast.mgr.consensu.org
107 KB
7 google.com
www.google.com
cse.google.com
adservice.google.com
2 KB
6 sharethrough.com
btlr.sharethrough.com
1008 B
5 tynt.com
de.tynt.com
5 appspot.com
amp-error-reporting.appspot.com
320 B
5 facebook.com
graph.facebook.com
www.facebook.com
1 KB
4 adnxs.com
ib.adnxs.com
acdn.adnxs.com
2 KB
4 connectad.io
i.connectad.io
cdn.connectad.io
1 KB
4 districtm.io
dmx.districtm.io Failed
cdn.districtm.io
536 B
4 googleapis.com
fonts.googleapis.com
3 KB
3 3lift.com
tlx.3lift.com Failed
ib.3lift.com
eb2.3lift.com
765 B
3 bfmio.com
display.bfmio.com Failed
sync.bfmio.com
566 B
3 facebook.net
connect.facebook.net
71 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 googletagservices.com
www.googletagservices.com
66 KB
3 addthis.com
s9.addthis.com
s7.addthis.com
185 KB
2 brealtime.com
biddr.brealtime.com
edba.brealtime.com
504 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com
1 KB
2 media.net
hbx.media.net
7 KB
2 reddit.com
www.reddit.com
953 B
2 linkedin.com
www.linkedin.com
2 KB
2 ad-delivery.net
ad-delivery.net
1 KB
2 google-analytics.com
www.google-analytics.com
17 KB
1 amazonaws.com
s3.amazonaws.com
397 B
1 emxdgt.com
hb.emxdgt.com
8 KB
1 postrelease.com
jadserve.postrelease.com
505 B
1 quantcount.com
rules.quantcount.com
1 KB
1 cdnjquery.com
cluster-ca.cdnjquery.com
379 B
1 ntv.io
s.ntv.io
78 KB
1 quantserve.com
secure.quantserve.com
6 KB
1 adtelligent.com
s.adtelligent.com
1 addthisedge.com
m.addthisedge.com
924 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com
15 KB
1 google.de
adservice.google.de
171 B
1 googletagmanager.com
www.googletagmanager.com
25 KB
1 bleepingcomputer.com
www.bleepingcomputer.com
18 KB
296 47
Domain Requested by
40 www.bleepstatic.com www.bleepingcomputer.com
cdn.connatix.com
pagead2.googlesyndication.com
26 cdn.ampproject.org securepubads.g.doubleclick.net
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bleepingcomputer.com
15 g2.gumgum.com a.pub.network
14 ssc.33across.com a.pub.network
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
9 fonts.gstatic.com www.bleepingcomputer.com
www.googletagservices.com
8 fastlane.rubiconproject.com a.pub.network
7 i.connatix.com www.bleepingcomputer.com
7 c.pub.network a.pub.network
7 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
6 btlr.sharethrough.com a.pub.network
5 de.tynt.com a.pub.network
5 amp-error-reporting.appspot.com cdn.ampproject.org
5 connatix-d.openx.net 2 redirects www.bleepingcomputer.com
cdns.connatix.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bleepingcomputer.com
5 www.google.com 4 redirects www.bleepingcomputer.com
4 eu-u.openx.net 2 redirects a.pub.network
4 fonts.googleapis.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
3 www.facebook.com www.bleepingcomputer.com
connect.facebook.net
3 connect.facebook.net a.pub.network
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 rtb.connatix.com cdns.connatix.com
3 d.pub.network a.pub.network
3 www.googletagservices.com a.pub.network
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 cdn.districtm.io a.pub.network
2 cdn.connectad.io a.pub.network
2 eb2.3lift.com 1 redirects a.pub.network
2 acdn.adnxs.com a.pub.network
2 sync.bfmio.com a.pub.network
2 ib.adnxs.com a.pub.network
2 i.connectad.io a.pub.network
2 dmx.districtm.io a.pub.network
2 freestar-d.openx.net a.pub.network
2 ssp.pub.network a.pub.network
2 web.hb.ad.cpe.dotomi.com a.pub.network
2 ad.doubleclick.net 1 redirects www.bleepingcomputer.com
2 trk.connatix.com www.bleepingcomputer.com
2 hbx.media.net a.pub.network
hbx.media.net
2 www.reddit.com s9.addthis.com
2 www.linkedin.com s9.addthis.com
2 graph.facebook.com s9.addthis.com
2 ad-delivery.net freestar-io.videoplayerhub.com
www.bleepingcomputer.com
2 s7.addthis.com s9.addthis.com
2 audit.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 a.pub.network www.bleepingcomputer.com
a.pub.network
1 s3.amazonaws.com
1 edba.brealtime.com 1 redirects
1 eus.rubiconproject.com a.pub.network
1 biddr.brealtime.com a.pub.network
1 ib.3lift.com 1 redirects
1 display.bfmio.com a.pub.network
1 hb.emxdgt.com a.pub.network
1 jadserve.postrelease.com s.ntv.io
1 rules.quantcount.com secure.quantserve.com
1 cluster-ca.cdnjquery.com freestar-io.videoplayerhub.com
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 s.adtelligent.com a.pub.network
1 core.connatix.com cdns.connatix.com
1 ck.connatix.com cdns.connatix.com
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 m.addthisedge.com s9.addthis.com
1 freestar-io.videoplayerhub.com a.pub.network
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 quantcast.mgr.consensu.org www.bleepstatic.com
1 cdns.connatix.com cdn.connatix.com
1 s9.addthis.com www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 cdn.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 tlx.3lift.com Failed a.pub.network
0 us-u.openx.net Failed www.bleepingcomputer.com
296 78
Subject Issuer Validity Valid
bleepingcomputer.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-12 -
2020-05-17		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
ssl391376.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-16 -
2019-10-23		 6 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2018-08-20 -
2019-10-19		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2019-08-05		 4 months crt.sh
ssl376957.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-20 -
2019-11-26		 6 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.videoplayerhub.com
Amazon		 2018-08-01 -
2019-09-01		 a year crt.sh
ad-delivery.net
Amazon		 2019-03-07 -
2020-04-07		 a year crt.sh
vendorlist.consensu.org
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
s.adtelligent.com
Let's Encrypt Authority X3		 2019-05-19 -
2019-08-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2018-05-30 -
2020-09-01		 2 years crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2018-08-17 -
2020-09-02		 2 years crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2018-06-12 -
2019-12-11		 a year crt.sh
*.openx.net
DigiCert ECC Secure Server CA		 2019-02-08 -
2020-05-12		 a year crt.sh
*.assetbucket.net
Amazon		 2018-09-26 -
2019-10-26		 a year crt.sh
misc-sni.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.postrelease.com
Amazon		 2019-05-15 -
2020-06-15		 a year crt.sh
*.appspot.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
ssc.33across.com
Amazon		 2019-04-17 -
2020-05-17		 a year crt.sh
*.gumgum.com
Amazon		 2018-08-28 -
2019-09-28		 a year crt.sh
*.emxdgt.com
DigiCert SHA2 Secure Server CA		 2018-07-11 -
2019-07-26		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-05-25 -
2020-05-25		 2 years crt.sh
connectad.io
CloudFlare Inc ECC CA-2		 2018-08-18 -
2019-08-18		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.sharethrough.com
Go Daddy Secure Certificate Authority - G2		 2018-09-18 -
2019-11-17		 a year crt.sh
dmx.districtm.io
Let's Encrypt Authority X3		 2019-04-06 -
2019-07-05		 3 months crt.sh
*.bfmio.com
Amazon		 2018-07-17 -
2019-08-17		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-02-19		 10 months crt.sh
*.tynt.com
COMODO RSA Domain Validation Secure Server CA		 2014-10-14 -
2019-10-13		 5 years crt.sh
*.3lift.com
Amazon		 2018-07-31 -
2019-08-31		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2017-03-22 -
2020-03-22		 3 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-12-03 -
2019-10-25		 a year crt.sh

This page contains 34 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Frame ID: D158DE8A00F40D249BB55DB0CDE67E13
Requests: 196 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Frame ID: 91E49B1137A85BEE9323891602C267EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/show_ads_impl.js
Frame ID: 3AA75FF41EB87E3B55A1C8E4B28087CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190528/r20190131/zrt_lookup.html
Frame ID: 1DBC7910DBC55678B45622D54FBAFB31
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v18/cmp-3pc-check.html
Frame ID: 38BE85D5E0D4C4BDFD1F22A7CE88D34B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=1199975128&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1559048143&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1559576490852&bpp=120&bdt=1854&fdt=909&idt=910&shv=r20190528&cbv=r20190131&saldr=aa&abxe=1&correlator=5496692523214&frm=20&pv=2&ga_vid=1804342404.1559576491&ga_sid=1559576492&ga_hid=664172114&ga_fc=0&iag=0&icsg=8933534605312&dssz=42&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=14539&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.do3sk2f1afcq&fsb=1&xpc=KelIhkTLUC&p=https%3A//www.bleepingcomputer.com&dtd=1140
Frame ID: 929DE2782289839ACE0E2D45540131BC
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=410295
Frame ID: 7B61CFC221CED22BF3AA8D3563ADCACA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Frame ID: 026896F0EEF7EC91D0F793DC6B093D8E
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Frame ID: A48263F663546E235C3045552EC0A042
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Frame ID: B9A43A562F9FCCBE401365E00ADFA53A
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Frame ID: F77608B0E731A9BBEA16D25DAB8ADAAF
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5UND16PqR18S4L9HOYAMFHVcnEcRZ9Jt2uAoqJOQR9gs28Pg8PxoW1N7qupWP_yPPYdmCVJXKvzvk6OM6odHuNs0Hhc6rpbiDVb5y_VPiWGUaZlcWmD4pszY1vwrvvjye3svdtgYzyPTUy3jtOVddFk77vYbIgvZLwUig4NTD1UwYnGvMj5Amm6_4s-BG7bVTIcpXvJxlaLZuBcIA65fwbrZr2B7O8jgvFcIC3xEDWDb4Ypr3dx3x5s1v_aPJDzPOMSNfM519LmJ_TCFXEyZ2CFIE&sai=AMfl-YRp-Gs56QITAELIu5CjOERx139MLjL3rAT07fyzwdkh6sPPO-gmGZnyoxtb9DQNc7FH00MVM7J-kNA9YvuN5X0BPjxekIzMXzKImNm_GQ&sig=Cg0ArKJSzE7ZyAORBeN0EAE&urlfix=1&adurl=
Frame ID: F1EE42BEDE0F78668EB9329D5146B2B8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Frame ID: 6FCB6F9F6CA9755148509CF061518F09
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: 74F8935A90051FA060344E59708DB223
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Frame ID: 2F759994E422B5957073DE8CB340412E
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D0F2E54BB30DD5B9AFE18C6A1C2997F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1559576504348
Frame ID: 1CD890441D1B20EDB7651C151BCDAB96
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Frame ID: B13FC22C5D5792C10E458F2FFE67EC8F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 88D676AC5E3A708758CEE0BE989C7D47
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Frame ID: AE58DD7AABBF33958E7243FABCDF2DE5
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
Frame ID: 74DC6099CC2388D84B65C4E4D1844039
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
Frame ID: 9564E7AA91E962D7218F73AA40CE0E9A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C90D032B8348F2E613CAC7C5F28BD11A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 9CF43606D6DFC3ECB44E36BA584B2404
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Frame ID: C337A7DFF2752E2BEF1872DFFE691FFF
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: BF15B58D024871FB1C1CBBC9DF725F8A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D90921A5BCE3C9D3313F1B823C1069FD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: C183E09EEADD9070AC3E25C65B1FE29E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4E146D579058EB85BE5804A016771E44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: EB9654EEDCC61AF2EBB9A32C1492045C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: AA45122C624BF14DCEC1CEC8AE28BEA4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 4B7F0B4EA35E69651DE9EF49F394D3DE
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
Frame ID: E8DA5636D810D0E6898CEBA1884B24CC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BE626100B923D8369CE5A94378F4DDAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /pbjs/i
Overall confidence: 100%
Detected patterns
  • env /^addthis/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i
Overall confidence: 100%
Detected patterns
  • env /^_?COMSCORE$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

296
Requests

95 %
HTTPS

39 %
IPv6

47
Domains

78
Subdomains

70
IPs

7
Countries

3048 kB
Transfer

8258 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 112
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0
Request Chain 116
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH7TKxVxATsHVas71KpdCsY&google_cver=1
Request Chain 177
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c9=
Request Chain 190
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_pre=CLGksJrTzeICFY-HdwodNXcCUw;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 197
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 198
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 293
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 294
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 298
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 305
  • https://edba.brealtime.com/ HTTP 302
  • https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

296 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/ 		83 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2865d564c3dcac90857801b97229d38ac2e4d529b1463089abddcbdc6430f379
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/a-closer-look-at-the-robbinhood-ransomware/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d77befc293714efd9fa437fa279ff80701559576488; expires=Tue, 02-Jun-20 15:41:28 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly session_id=ae96c73806b8839556378cfbf3ddad42; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=5812; expires=Wed, 03-Jul-2019 15:41:28 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Tue, 28 May 2019 12:55:43 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e12c57b5fc39c7b-AMS
content-encoding
br
css
fonts.googleapis.com/ 		14 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e1ed25f4abd181e54349b19a94bd563692385ef339df2540abbee5638ccb3765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Jun 2019 15:41:29 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 03 Jun 2019 15:41:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:29 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=137522
status
200
cf-bgj
minify
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c581ad3cc85f-AMS
expires
Tue, 26 Mar 2019 04:25:05 GMT
main.css
www.bleepstatic.com/css/redesign/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=60842
status
200
cf-bgj
minify
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c581ad40c85f-AMS
expires
Thu, 14 Mar 2019 04:21:16 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=14998
status
200
cf-bgj
minify
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c581ad41c85f-AMS
expires
Wed, 27 Mar 2019 21:45:08 GMT
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=32748
status
200
cf-bgj
minify
last-modified
Mon, 28 Jan 2019 20:41:57 GMT
server
cloudflare
etag
W/"3696970514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c581ad43c85f-AMS
expires
Thu, 20 Jun 2019 11:39:31 GMT
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4e12c581ad45c85f-AMS
expires
Thu, 28 Mar 2019 16:53:04 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=247
status
200
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c581ad46c85f-AMS
expires
Thu, 21 Mar 2019 05:10:14 GMT
connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 		956 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
db0999cc027657767c26670e2504c86b54b05f0c2e1cceea3f1433f06be181ae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1559576489.123838,VS0,VE0
content-length
956
retry-after
0
x-served-by
cache-fra19141-FRA
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=3848
status
200
cf-bgj
minify
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c5824e7bc85f-AMS
expires
Wed, 27 Mar 2019 02:09:12 GMT
js
www.googletagmanager.com/gtag/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
5875e9c01f7f297e1241085e73ec158551b3092caecebb40c6e8f330704be5bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
last-modified
Thu, 30 May 2019 16:41:01 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25338
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:29 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
cf-bgj
imgq:85
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c582f814c85f-AMS
expires
Sun, 30 Jun 2019 18:12:56 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1424
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1181
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:47:45 GMT

Redirect headers

date
Mon, 03 Jun 2019 15:41:29 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
266
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e8f1d3fd6813a65588f0c7215a8f1f844fb40787bfc7a0e247257a6ba96f2683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33180
x-xss-protection
0
server
cafe
etag
18344760330922210743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Jun 2019 15:41:29 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		475 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c582f818c85f-AMS
content-length
475
expires
Fri, 24 May 2019 23:15:26 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=65813
status
200
cf-bgj
minify
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c582f819c85f-AMS
expires
Thu, 28 Mar 2019 05:13:57 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4e12c581dd8fc85f-AMS
expires
Thu, 28 Mar 2019 08:32:18 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
759 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=3600
status
200
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c582f81cc85f-AMS
expires
Fri, 22 Mar 2019 04:49:09 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=48706
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c582f81ec85f-AMS
expires
Mon, 25 Mar 2019 04:42:04 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4e12c5823e6cc85f-AMS
expires
Thu, 21 Mar 2019 05:36:11 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		344 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d577d94f1675029cbc48a4a7e98f03942874723d30c7a8c6263e19a7b5d3329

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Tue, 21 May 2019 18:21:08 GMT
etag
"5ce44194-561fe"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s9.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		416 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:c072 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aaf688e01a991bd9d796ca1adc8b66d432d477efdad550b7e991b692c6dbc5b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
br
cf-cache-status
HIT
status
200
x-guploader-uploadid
AEnB2UorTp0ddMneI-Gl-AUbebplsePWXxvNYJM0g1TzEua2vTLWwxFDcwZl6cYOnC3ST14hYtO9G6XYElVJncC-XQqS5pNvYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cf-ray
4e12c584380bd6cd-FRA
last-modified
Thu, 09 May 2019 18:48:44 GMT
server
cloudflare
etag
W/"5364c515a84b76535ab32ae72c458e81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=veWEiQ==, md5=U2TFFahLdlNasyrnLEWOgQ==
x-goog-generation
1557427724494133
cache-control
public, max-age=1800
x-goog-stored-content-length
425947
content-type
application/javascript
expires
Mon, 03 Jun 2019 16:11:29 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		187 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c583a9b3c85f-AMS
content-length
187
expires
Sat, 25 May 2019 01:06:01 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 04:36:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
126319
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 04:36:10 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 16:28:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
83558
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Mon, 01 Jun 2020 16:28:51 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/ 		83 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5844b87c85f-AMS
content-length
83
expires
Fri, 24 May 2019 23:57:34 GMT
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1494/min/ Frame 91E4 		706 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d9983221f969de6a2d49d65f72fe579b21e0c6ee83e0f2fc97213b14839f9673

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
content-encoding
gzip
age
34578
x-cache
HIT, HIT
status
200
content-length
187099
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca17744-DCA, cache-fra19141-FRA
last-modified
Mon, 03 Jun 2019 05:51:52 GMT
x-timer
S1559576490.737011,VS0,VE0
etag
"d1a2bfef07b2f246a003469e86e79f73"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 2363
cmp.js
quantcast.mgr.consensu.org/ 		138 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca63a5bf8f9e3e8f87bc6966bd6865309df0ec43339334769f31b42b7dd5bed2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:31:53 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 19:17:48 GMT
server
AmazonS3
age
1084
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-id
KhMtDqHlLOCXfGv2S4HZwNGaCih1Ls5Kn4T-T4cDtKilU5RvJ5LbVA==
via
1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
cf-bgj
imgq:85
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c584dcd5c85f-AMS
expires
Sat, 29 Jun 2019 23:57:11 GMT
calendar.png
www.bleepstatic.com/images/site/ 		129 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c584dcd8c85f-AMS
content-length
129
expires
Fri, 31 May 2019 22:31:50 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
cf-bgj
imgq:85
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c584dcdbc85f-AMS
expires
Sat, 29 Jun 2019 23:54:02 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		96 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:29 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
cf-bgj
imgq:85
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c584dcddc85f-AMS
expires
Fri, 28 Jun 2019 05:14:17 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 03 Jun 2019 02:07:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
48838
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Tue, 02 Jun 2020 02:07:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 07:50:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
114671
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Mon, 01 Jun 2020 07:50:18 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
cf-bgj
imgq:85
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b0dc85f-AMS
expires
Sun, 30 Jun 2019 00:03:21 GMT
21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origSize=7617, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
7581
last-modified
Mon, 26 Oct 2015 17:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b10c85f-AMS
expires
Wed, 20 Mar 2019 04:25:35 GMT
before-bg.png
www.bleepstatic.com/images/site/ 		116 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/before-bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1026
status
200
content-disposition
inline; filename="before-bg.webp"
cf-bgj
imgq:85
content-length
116
last-modified
Fri, 29 May 2015 07:08:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b11c85f-AMS
expires
Sat, 15 Jun 2019 21:16:18 GMT
news-icon-01.png
www.bleepstatic.com/images/site/ 		240 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news-icon-01.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1af15b17fd7099b2d3a81a8b3aeffd94b26d2c1a58489c3903e11ec5a4896d3

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1204
status
200
content-disposition
inline; filename="news-icon-01.webp"
cf-bgj
imgq:85
content-length
240
last-modified
Fri, 29 May 2015 07:09:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b12c85f-AMS
expires
Sun, 30 Jun 2019 00:04:06 GMT
link-icon.png
www.bleepstatic.com/images/site/comments/ 		494 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comments/link-icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3d32ea9a9fa05f8170d164890b55e15ce39157bb9ae7e96b047c1996d22a8b

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=787
status
200
content-disposition
inline; filename="link-icon.webp"
cf-bgj
imgq:85
content-length
494
last-modified
Fri, 25 Sep 2015 17:29:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b14c85f-AMS
expires
Sat, 29 Jun 2019 22:34:46 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		72 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b15c85f-AMS
content-length
72
expires
Sat, 25 May 2019 00:08:06 GMT
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5878b16c85f-AMS
expires
Fri, 28 Jun 2019 05:12:38 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/ 		208 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
272277c4464a35dddd60aa4d0757e8c83fcb43c1f0b5da4ec151de3f03db2fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
79092
x-xss-protection
0
server
cafe
etag
10682397905845615084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Jun 2019 15:41:30 GMT
news_footer_icon.png
www.bleepstatic.com/images/site/ 		186 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58bfcdfc85f-AMS
content-length
186
expires
Thu, 23 May 2019 21:41:26 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/ Frame 3AA7 		208 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
272277c4464a35dddd60aa4d0757e8c83fcb43c1f0b5da4ec151de3f03db2fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
79092
x-xss-protection
0
server
cafe
etag
10682397905845615084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Jun 2019 15:41:30 GMT
ca-pub-0920899300397823.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		108 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-0920899300397823.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 01 Jun 2019 20:41:39 GMT
server
sffe
age
27382
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
118
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:05:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190528/r20190131/ Frame 1DBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190528/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190528/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sun, 02 Jun 2019 21:45:45 GMT
expires
Sun, 16 Jun 2019 21:45:45 GMT
content-type
text/html; charset=UTF-8
etag
13732316697317830675
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7014
x-xss-protection
0
cache-control
public, max-age=1209600
age
64545
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
536
date
Mon, 03 Jun 2019 15:32:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Mon, 03 Jun 2019 17:32:35 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v18/ Frame 38BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v18/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:aa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v18/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Thu, 23 May 2019 19:17:44 GMT
accept-ranges
bytes
server
AmazonS3
date
Mon, 03 Jun 2019 15:30:01 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
age
1588
x-cache
Hit from cloudfront
via
1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
x-amz-cf-id
YJt5yC8IgtMewVaUusXkSXF7VSRV_4TkPRwpbVP8FB13mu2YzPmpgQ==
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=664172114&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ul=en-us&de=UTF-8&dt=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=700488394&gjid=978993512&cid=1804342404.1559576491&tid=UA-91740-1&_gid=1699898598.1559576491&_r=1&gtm=2ou5m0&z=900618362
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
robbinhood-header.jpg
www.bleepstatic.com/content/hl-images/2019/04/26/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/04/26/robbinhood-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d190e76419b4ebe77f76a63323ad876df621293b5e613dcf026b0b391ea2dc0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:85
content-length
159926
last-modified
Fri, 26 Apr 2019 16:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b96c85f-AMS
expires
Sun, 26 May 2019 17:45:51 GMT
292x176_windows-10-with-background.jpg
www.bleepstatic.com/content/hl-images/2019/01/25/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/01/25/thumb/292x176_windows-10-with-background.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9fd72dc74e661b9e69326cc494fa101a33df9aa88321f3807a3cae7c2a49a4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=3390
status
200
content-disposition
inline; filename="292x176_windows-10-with-background.webp"
cf-bgj
imgq:85
content-length
2204
last-modified
Fri, 25 Jan 2019 14:44:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b97c85f-AMS
expires
Wed, 03 Jul 2019 04:14:30 GMT
292x176_gandcrab-header.jpg
www.bleepstatic.com/content/hl-images/2018/10/17/thumb/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2018/10/17/thumb/292x176_gandcrab-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11843a1492df18c04aa4d13faa0a3274fcf6ac61f0130f4f473c808ee174246f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
origSize=8508, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
7411
last-modified
Wed, 17 Oct 2018 21:44:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b99c85f-AMS
expires
Tue, 02 Jul 2019 21:44:29 GMT
icon1348083463.jpg
www.bleepstatic.com/download/product-logos/2012/09/19/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/download/product-logos/2012/09/19/icon1348083463.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebee3fab4fdb2f178afd3d4a64d03c44b658f81ead11e46b46a5ad5b7b16663

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=1629
status
200
content-disposition
inline; filename="icon1348083463.webp"
cf-bgj
imgq:85
content-length
1074
last-modified
Wed, 19 Sep 2012 19:37:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b9ac85f-AMS
expires
Thu, 27 Jun 2019 19:57:20 GMT
icon1337883021.png
www.bleepstatic.com/download/product-logos/2012/05/24/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/download/product-logos/2012/05/24/icon1337883021.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad6475774c992df47815925a96f40ea0f43a5dce7bdc9366b93061aaed0ddcc

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2012 18:10:28 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b9cc85f-AMS
content-length
4160
expires
Sun, 09 Jun 2019 20:54:18 GMT
icon1471128781.png
www.bleepstatic.com/download/product-logos/2016/08/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/download/product-logos/2016/08/13/icon1471128781.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0ba976f51ee59161622fc7d364c35985343adca90a2f5045e1dbb227f6bd3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4801
status
200
content-disposition
inline; filename="icon1471128781.webp"
cf-bgj
imgq:85
content-length
2958
last-modified
Sat, 13 Aug 2016 22:53:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1b9fc85f-AMS
expires
Sat, 29 Jun 2019 23:34:05 GMT
icon1448822924.png
www.bleepstatic.com/download/product-logos/2015/11/29/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/download/product-logos/2015/11/29/icon1448822924.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd93f72da2955395970fea214455dfe9b45b15eb27c1e4b2b9574745f4d05a50

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5648
status
200
content-disposition
inline; filename="icon1448822924.webp"
cf-bgj
imgq:85
content-length
4450
last-modified
Sun, 29 Nov 2015 18:48:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1ba0c85f-AMS
expires
Thu, 27 Jun 2019 19:42:42 GMT
icon1350175813.png
www.bleepstatic.com/download/product-logos/2012/10/13/ 		232 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/download/product-logos/2012/10/13/icon1350175813.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f541d43ea7ee73301eaee3f049399e75ae6f109da1008899d3615d73a9a29d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=386
status
200
content-disposition
inline; filename="icon1350175813.webp"
cf-bgj
imgq:85
content-length
232
last-modified
Sun, 14 Oct 2012 00:50:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c58f1ba1c85f-AMS
expires
Thu, 27 Jun 2019 19:57:30 GMT
cookie
c.pub.network/ 		36 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
44bcae493ddea950d6e2ec1f9ef7cf5b41c0cbd193512c0d27a55b6344df5d92

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:32 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
gallery.js
freestar-io.videoplayerhub.com/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.108 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79769503cd5d7f0577285b77cf8dca74cd080f95b091c75f8dfc29f4483a339c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
uXzx0zUT4u5.xDpTaQR6vuWpIvQsOyqi
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2019 19:45:24 GMT
Server
AmazonS3
Age
70
Date
Mon, 03 Jun 2019 15:40:41 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
UrwP12HNPE4QKhBECnc4fgG40jJ-aEW9wYZ0yi5ZtuXI14gbbk1MRw==
gpt.js
www.googletagservices.com/tag/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
84d3a74865aaf560e9399f2aed3e6b1aba46e61cb702eb13c6602ae7f5b912f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"185 / 964 of 1000 / last-modified: 1559570724"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10495
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:31 GMT
prebid-analytics-1.33.5.js
a.pub.network/core/ 		323 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-1.33.5.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:c072 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
content-encoding
br
cf-cache-status
MISS
status
200
x-guploader-uploadid
AEnB2UrShjqACZoK3ejTn_nI_cL2N7kXtXNTRwE9Yk3uwQCS0lvv_bsm2Qs_GGyT8_yyKIwEAhRhTzWDQG9nJtokRSNkkl1LvA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cf-ray
4e12c5900e0dd6cd-FRA
last-modified
Wed, 13 Mar 2019 15:07:05 GMT
server
cloudflare
etag
W/"2d4c23f52ecf1a601021349ff773977b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xB2m2g==, md5=LUwj9S7PGmAQITSf93OXew==
x-goog-generation
1552489625640716
cache-control
public, max-age=31536000
x-goog-stored-content-length
330336
content-type
text/html
expires
Tue, 02 Jun 2020 15:41:31 GMT
location
c.pub.network/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
924c341ee5457922a197ad6fc1fcf9395334be8e5fcad61be8247dd8ccd4b1ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:32 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
1581
Vary
Origin
Content-Type
application/json;charset=utf-8
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:31 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
etag
-1808207170--gzip
vary
Accept-Encoding
cache-tag
ra-561517d2c7f964d6
status
200
cache-control
public, max-age=44, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
678
ads
googleads.g.doubleclick.net/pagead/ Frame 929D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=1199975128&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1559048143&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1559576490852&bpp=120&bdt=1854&fdt=909&idt=910&shv=r20190528&cbv=r20190131&saldr=aa&abxe=1&correlator=5496692523214&frm=20&pv=2&ga_vid=1804342404.1559576491&ga_sid=1559576492&ga_hid=664172114&ga_fc=0&iag=0&icsg=8933534605312&dssz=42&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=14539&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.do3sk2f1afcq&fsb=1&xpc=KelIhkTLUC&p=https%3A//www.bleepingcomputer.com&dtd=1140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=1199975128&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1559048143&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1559576490852&bpp=120&bdt=1854&fdt=909&idt=910&shv=r20190528&cbv=r20190131&saldr=aa&abxe=1&correlator=5496692523214&frm=20&pv=2&ga_vid=1804342404.1559576491&ga_sid=1559576492&ga_hid=664172114&ga_fc=0&iag=0&icsg=8933534605312&dssz=42&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=14539&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.do3sk2f1afcq&fsb=1&xpc=KelIhkTLUC&p=https%3A//www.bleepingcomputer.com&dtd=1140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Jun 2019 15:41:32 GMT
server
cafe
content-length
12189
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 03-Jun-2019 15:56:32 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 03 Jun 2019 15:41:32 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190528/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
478c6b278b7bdaeb656033355ed843d2bcfcad523d27da9d2d2ad57561ea304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559301155462102"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28172
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:32 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=4895
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c593bec6c85f-AMS
expires
Thu, 28 Mar 2019 18:04:30 GMT
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=26776
status
200
cf-bgj
minify
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4e12c593df07c85f-AMS
expires
Wed, 03 Jul 2019 05:12:31 GMT
/
audit.quantcast.mgr.consensu.org/ 		80 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1559576492137;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F;CMP_Display;initializationdisplay;;;;1
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 21:07:36 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
vary
Origin
age
66837
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
hnmRVTqnZ_99SLBEqs-cHBziK0xw71qMBeqZRPLT8CWWdlXbG_Dz5g==
cmpui-popup.js
static.quantcast.mgr.consensu.org/v18/ 		165 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v18/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:aa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
357017568ad102cf853bced7d960ecd7fcc8854ab807a9958dff7c2106b35d27

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:40:05 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 19:17:44 GMT
server
AmazonS3
age
872
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-id
jCra7Q2lUvF9LWzLlWT6oK8n5DXeTXDZ6Zulp8FBcYnEBpK4wyy6xA==
via
1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
4e12c596cfebbc60-LHR
content-length
65452
pubads_impl_2019052302.js
securepubads.g.doubleclick.net/gpt/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
d6553a6c991fe91210741e39d64cea8f76b37d71a4905ad673e887f123a7db5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 May 2019 16:46:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55282
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:32 GMT
layers.53666936c94ded42f169.js
s7.addthis.com/static/ 		262 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.53666936c94ded42f169.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32006b665c48d165c3c109a07122bf5e950f1ed57e179eb22b0b1e54c5bd827f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
content-encoding
gzip
last-modified
Fri, 26 Apr 2019 20:25:37 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
beacon.js
ad-delivery.net/ 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/beacon.js
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.107 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-107.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:10:40 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 15:06:54 GMT
server
AmazonS3
age
1853
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
KBzxm-OSRPyX94mqGdoCi0rw7-qPzwR9HGKgGXFgtvJGXpJc4ZYtMA==
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
vendorlist.json
vendorlist.consensu.org/ 		80 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:6e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25825be1054d3f740a75117b5da68d7a5af5b15deb005561c9c31f35bf82a5e1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

date
Fri, 31 May 2019 05:37:31 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
36126
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 30 May 2019 16:00:21 GMT
server
AmazonS3
access-control-max-age
86400
access-control-allow-methods
GET
x-amz-version-id
TTBX7swOO8l9ziLxpWdUQ97MCn13otO6
via
1.1 b454a0b154ae18408006bc2a9abd88ec.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA54
content-type
application/json; charset=utf-8
x-amz-cf-id
Oa77a0VGIptGYiweutIKlIzFz_uaWcJ38t2lY16JOzrJQ8AVRpvdqw==
g
ck.connatix.com/ 		46 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_f166ae7b5fa466efe9671559576492911
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
cadeee5406393f5e169b38430d61e7bce7d70b669ec2461e059ed8dfcaf98aa0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:32 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1559576493.957483,VS0,VE0
content-length
46
retry-after
0
x-served-by
cache-fra19141-FRA
pls
core.connatix.com/ Frame 91E4 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.connatix.com/pls?callback=jQuery32104569827403288462_1559576492896&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&page_guid=1240c7615e22fa7284391559576493458&spp=1&_=1559576492897
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.89.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-175-89-167.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
9b1f162ffa8166f66ca57329b7f3929a4d5b823b9865a23a48be1bedf2398137

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:33 GMT
content-encoding
gzip
server
nginx/1.12.2
access-control-allow-origin
*
sync.html
s.adtelligent.com/ Frame 7B61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=410295
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.154 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
Adtelligent 1.0 /
Resource Hash

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Server
Adtelligent 1.0
Date
Mon, 03 Jun 2019 15:41:33 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
745
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
v2
d.pub.network/floors/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
d7ca2224450a2ed8cad8586ca83b073e414293cf484dd8f182383a1885ce6254

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:34 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-51.fra6.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 03 Jun 2019 15:41:33 GMT
content-encoding
gzip
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-requestid
10ae4670-8616-11e9-9a76-7943898002f5
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
atbjKHQ3oAMFjGQ=
content-length
50
x-amzn-trace-id
Root=1-5cf53fad-7edc9c30ecdb1e48fe648c03;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
KBPcnVdGG_tID9QeeByabtktztaA3wefzGAmAlQHiwDgIKqGWxCm2g==
49.45d0d44e9b5e129632e0.js
s7.addthis.com/static/ 		281 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/49.45d0d44e9b5e129632e0.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66e0f9a747bdd042fb9d01000d611034c4bdd2351cadb25fda445defec19c603

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:33 GMT
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
281
/
graph.facebook.com/ 		292 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_bada0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5d90874802ac121168dfd7a121058e335bade356eeaf0f9bfb74a5bdfb310f0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Mon, 03 Jun 2019 15:41:34 GMT
x-fb-rev
1000779013
content-length
189
pragma
no-cache
x-fb-debug
lDFy60Fpr1gGG0abCbhEgnDoOz7TfyQHkGo0d6rPyHh2wETcoN8NsNGNkQakUe0vintSFccdPmE9b6pzdBEEQQ==
x-fb-trace-id
FOf1wG5SkK8
etag
"7a6128b755f2d10c17242181e5cbec517cb6c063"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AJxqMqbUDIrrmIk6DVIZ1Ez
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.9
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/ 		164 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&callback=atajsshctcbwnpzR
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e1cfef8563ed1c6e611844e2a5480e8423e1d1c70c85599201675cbdd5181b2e
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-li-pop
prod-efr5
x-li-uuid
H/kC7466pBWAd0nSJysAAA==
pragma
no-cache
server
Apache-Coyote/1.1
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&jsonp=_ate.cbs.rcb_5cne0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
bf3f696ad18067627b9f0c27079294c16e750856a6533dcb3d4aacbbf895865c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-hhn1551-HHN
x-moose
majestic
server
snooserv
x-timer
S1559576494.077759,VS0,VE1394
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
/
graph.facebook.com/ 		130 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_5w9o0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
26e3a3490c370bdcf8e69347eee8f5d54ae2b7d2376d706c2c6eb6b2f323c743
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Mon, 03 Jun 2019 15:41:34 GMT
x-fb-rev
1000779013
content-length
130
pragma
no-cache
x-fb-debug
TOnuW6Ef2o8Jsp3Rw1vAYaw7b4ZD/K4r2xS15YyP4j3y+cT3c2W3472rDm0RU+m8jCdWPtVNX16EfpcesfdW2w==
x-fb-trace-id
CWIVvRoxUGe
etag
"474052b213893b8f5a3f96863e8acd71101c4c92"
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A_g38JcfZas4u3HNAfq9wZS
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.9
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/ 		163 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&callback=atajsshctcbsWGCW
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8a8d0ab73ab540e184d64ad188d77df4fd798e55a2a2807d567aa3cea37fb409
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-li-pop
prod-efr5
x-li-uuid
UZsa7466pBXgsFHHJysAAA==
pragma
no-cache
server
Apache-Coyote/1.1
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&jsonp=_ate.cbs.rcb_4q3a0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
b84ffa0bfad9fe528f603a8c84b965e6d09752342a645a67cfcf020c9ad21f82
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-hhn1551-HHN
x-moose
majestic
server
snooserv
x-timer
S1559576494.077720,VS0,VE1398
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/ 		107 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_ivt=0&connatix_sess=U5K4f-u469LI2nE7r8AgEUGUn_q5tRJu8FqMOg4odVoVkllK8_gZLG4hkVOq1jrRvZ9wKg7rRmplph4wcQdKIiHDj9DG_pTNzAPpL59HtsRF0g929Ti6u1ZRFHOrkHxE3ySF_Qma8MonELJZksXqiG0zMWpOCZRuCEvZrQ5JG2h0GAzo142Vv0W4YTuDlu3q&notServed=false&xplr=false&c_s=false&c_pl=amo7k7z713fCHRc_kPhLtkdvJQ5VKj5-AiBrq3HPtBnyFDkZ6N8bPzEgNqkJgw539RDl7MdbeLtkKLCzOTpATY9cLccpF3THO643IBN5T4hUtiXxCcdSuoBD9AmasDY6nF9jUFynjM5bGDcWVYMRkKGJpcKQalQqX1qKF82bfuQZH6fG4zz8L7zgVOAvyaiQyHDckQ4rY6GYxx79hCsKCxMtlchjYQ3eaeqSAmW2hkF_it3Fpok93OvOokFclpT5GTdsqLmsyhWskdu2MxKNtg&gdpr=1&med_id=639404&request_guid=8a9e6c01d3937f38b9ca1559576495232&req_no=0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&callback=cnxJSONP_cbd5df663fba86d880bb1559576495232
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.118.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-230-118-21.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
cb46ec12d8220d903a93787a8022b4f2968ad1a09d2c99b2346827f56768cf9f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jun 2019 15:41:35 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
122
164.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/164.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
efffbce121db9a7883702953d0a3ac807d605ab61622433d7679ca0f2576addc

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
73064
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 2
accept-ranges
bytes
x-timer
S1559576495.340634,VS0,VE0
access-control-allow-origin
*
content-length
74455
x-served-by
cache-sjc3127-SJC, cache-fra19141-FRA
1.jpg
i.connatix.com/s3/connatix-uploads/8e61130a-9d13-4273-9446-f02d21155f63/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/8e61130a-9d13-4273-9446-f02d21155f63/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6b7b21b3a1d175d69d7624ddd2024bfc5c56443552719180e4e7f79108217478

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
159678
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1559576495.340639,VS0,VE0
access-control-allow-origin
*
content-length
97708
x-served-by
cache-sjc3121-SJC, cache-fra19141-FRA
1.jpg
i.connatix.com/s3/connatix-uploads/54aaeaf2-f636-4703-b9be-0b2e8003c0a5/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/54aaeaf2-f636-4703-b9be-0b2e8003c0a5/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
320a7eec7c7ad3d2f0e1653cd99d908c738d6666ce74126936c3e446459b6a87

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
159678
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1559576495.340649,VS0,VE0
access-control-allow-origin
*
content-length
17827
x-served-by
cache-sjc3140-SJC, cache-fra19141-FRA
1.jpg
i.connatix.com/s3/connatix-uploads/be0afe4a-752c-4bb7-8d04-1601006d3408/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/be0afe4a-752c-4bb7-8d04-1601006d3408/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
79ae6835680932d4e2689acbde31f27067486cf205223688d60267bc5db9b7bb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
159678
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 7
accept-ranges
bytes
x-timer
S1559576495.340679,VS0,VE0
access-control-allow-origin
*
content-length
88419
x-served-by
cache-sjc3149-SJC, cache-fra19141-FRA
1.jpg
i.connatix.com/s3/connatix-uploads/61c78f2e-e707-4638-bf4b-58bd8340257b/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/61c78f2e-e707-4638-bf4b-58bd8340257b/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a0beecd8e6ef2f385b003b006511ef7c0b66e45616370947be5c8092c1d72fe6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
159678
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1559576495.340699,VS0,VE0
access-control-allow-origin
*
content-length
76913
x-served-by
cache-sjc3151-SJC, cache-fra19141-FRA
1.jpg
i.connatix.com/s3/connatix-uploads/6a6e7856-c9b6-4eee-b412-587070a2b1d4/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/6a6e7856-c9b6-4eee-b412-587070a2b1d4/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
7e7e02ad63a892c9155f440d15a7a0cf181f185b6b2dd17e279dcc6e048b6905

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
via
1.1 varnish, 1.1 varnish
age
159678
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1559576495.340728,VS0,VE0
access-control-allow-origin
*
content-length
28402
x-served-by
cache-sjc3143-SJC, cache-fra19141-FRA
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=15281
status
200
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj
imgq:85
content-length
7156
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4e12c5a78f0fc85f-AMS
expires
Sat, 29 Jun 2019 23:37:21 GMT
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 91E4 		23 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:35 GMT
content-encoding
gzip
age
7059725
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
4, 33
accept-ranges
bytes
x-timer
S1559576495.391942,VS0,VE0
access-control-allow-origin
*
content-length
21768
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc3151-SJC, cache-fra19141-FRA
/
audit.quantcast.mgr.consensu.org/ 		80 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=%3Be%3AShown%2C%3Bua%3AMozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36%3Bc%3Ap%2Coff%2Cfalse
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v18/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 16:32:13 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
vary
Origin
age
110527
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ZSi7KBlF8escGL8C4c3Grt52sUyEkQdtJ_DMF0nB_xLnA0BG6_8ZAQ==
ads
securepubads.g.doubleclick.net/gampad/ 		268 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3086992626336173&correlator=1643962812331957&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062456%2C21062819&vrg=2019052302&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190603&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1559048143&dt=1559576495670&dlt=1559576488997&idt=4507&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C15330%2C327%2C1136%2C13159%2C15836%2C2108&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&dssz=54&icsg=149533757546496&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1804342404.1559576491&ga_sid=1559576492&ga_hid=664172114&fws=4%2C4%2C4%2C4%2C4%2C4%2C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
cc3fe6d56d2a5fc0e60a391a9106ecbc9fb47142aece14854467ed2900daa255
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13680665372578851190/app.famous.co/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13680665372578851190/app.famous.co/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz5vZjTzeICFcxkFQgdM88EIg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13680665372578851190/app.famous.co/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13680665372578851190/app.famous.co/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13680665372578851190/app.famous.co/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz5vZjTzeICFcxkFQgdM88EIg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13680665372578851190/app.famous.co/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
google-creative-id
-1,-1,-1,-2,-1,138254592126,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
39860
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-1,4893662829,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Mon, 03 Jun 2019 15:41:36 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019052302.js
securepubads.g.doubleclick.net/gpt/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
392052f027818de38eb23d2e99bf20e017e9ad6a18f2a3de17002cdbc7495087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 May 2019 16:46:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25328
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.162 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03-Jun-2019 15:41:38 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Mon, 10 Jun 2019 15:41:38 GMT
bxl.js
hbx.media.net/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6a55d70f54aa8d42c16e5591d7c8b290f7cd25ecfa3d8c012bd3cbc2cee4d4fa

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:38 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
6638
X-MNET-HL2
E
Expires
Tue, 04 Jun 2019 15:41:38 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.200.131 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a96-17-200-131.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Tue, 04 Jun 2019 15:41:37 GMT
load.js
s.ntv.io/serve/ 		268 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6a4b3f35a47738cd19c08af6876b9db4ec9259694e4f4541723092f7c870e297

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:39 GMT
Content-Encoding
gzip
x-amz-request-id
8BBD392C5ADFF027
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
1GqNcS/oHrqeP9fAZpQhCbrQ8G12C4/DPyU5U/jKX3XXesveJJqgHL1SatGAFcfHvbUWrB74YDQ=
Last-Modified
Thu, 30 May 2019 00:37:25 GMT
Server
AmazonS3
ETag
"e105b1e6079cee0b47517462967a7d06"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
093aed4b-11a1-4683-8912-838169728a09
d.pub.network/rfm/cookie/ 		3 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/rfm/cookie/093aed4b-11a1-4683-8912-838169728a09
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
classification
d.pub.network/ 		3 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/classification?siteId=535&pageUrl=https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
r
trk.connatix.com/ Frame 91E4 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/r?connatix_sess=U5K4f-u469LI2nE7r8AgEUGUn_q5tRJu8FqMOg4odVoVkllK8_gZLG4hkVOq1jrRvZ9wKg7rRmplph4wcQdKIiHDj9DG_pTNzAPpL59HtsRF0g929Ti6u1ZRFHOrkHxE3ySF_Qma8MonELJZksXqiG0zMWpOCZRuCEvZrQ5JG2h0GAzo142Vv0W4YTuDlu3q&videoID=639404&c_pl=amo7k7z713fCHRc_kPhLtkdvJQ5VKj5-AiBrq3HPtBnyFDkZ6N8bPzEgNqkJgw539RDl7MdbeLtkKLCzOTpATY9cLccpF3THO643IBN5T4hUtiXxCcdSuoBD9AmasDY6nF9jUFynjM5bGDcWVYMRkKGJpcKQalQqX1qKF82bfuQZH6fG4zz8L7zgVOAvyaiQyHDckQ4rY6GYxx79hCsKCxMtlchjYQ3eaeqSAmW2hkF_it3Fpok93OvOokFclpT5GTdsqLmsyhWskdu2MxKNtg&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.215.67 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-173-215-67.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jun 2019 15:41:37 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame 91E4
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a2588155957649526...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:36 GMT
server
OXGW/16.146.0
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Mon, 03 Jun 2019 15:41:36 GMT
server
OXGW/16.146.0
status
302
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576495262&vwd=834&vht=469&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
0
clr
trk.connatix.com/ Frame 91E4 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/clr?c_vid=639404&id_cl=4a30376e39d6e8c9b0f21559576494268&c_pl=amo7k7z713fCHRc_kPhLtkdvJQ5VKj5-AiBrq3HPtBnyFDkZ6N8bPzEgNqkJgw539RDl7MdbeLtkKLCzOTpATY9cLccpF3THO643IBN5T4hUtiXxCcdSuoBD9AmasDY6nF9jUFynjM5bGDcWVYMRkKGJpcKQalQqX1qKF82bfuQZH6fG4zz8L7zgVOAvyaiQyHDckQ4rY6GYxx79hCsKCxMtlchjYQ3eaeqSAmW2hkF_it3Fpok93OvOokFclpT5GTdsqLmsyhWskdu2MxKNtg&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.215.67 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-173-215-67.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jun 2019 15:41:37 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
0
jquery.color-2.1.2.min.js
cluster-ca.cdnjquery.com/color/ 		136 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cluster-ca.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=sha256_H28SdxWrZ387Ldn0qogCzFiUDDxfPiNIyJX7BECQkDE&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%227bff2670-5882-00f1-400b-0262ddb9b576%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.70.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-195-70-133.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
78b31549a44b93371d878d96104fc2565fb1c068e0956cc7164855953a486870
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:38 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
ETag
W/"88-EkHzj8OG7dsXLlRprX2iTluNUAg"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Charset
utf8
Connection
keep-alive
Content-Length
106
px.gif
ad-delivery.net/ 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3074444929616742
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.107 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-107.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 19:01:07 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
AmazonS3
age
144374
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
x-amz-cf-id
tdfUOBRD8kCrf2LUDr3-TatzK5GwAzzn5AVpkxquDFmybYgOG_hJ2A==
pixel
cm.g.doubleclick.net/ Frame 91E4
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=525970dce874fd4a25881559576...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:36 GMT
server
OXGW/16.146.0
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:36 GMT
server
OXGW/16.146.0
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
92UTGLpokGNFuM0nO/cEdFNC+D9f3Wtxvm08IxLCnOTO/tz/lJxyKKul7/p8aWNJB0TXa+VWlp6u69Xx6YjYKQ==
date
Mon, 03 Jun 2019 15:41:36 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
origin-trial
Akf3j/ZcwJRw84YHXShObKiKo/GcsvbaSbsK4ICnvBe5yOIhYA8SLqs9yDj7BRcMmvlU07030G23ZM6Yhv8QHQEAAABzeyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiRXhwZXJpbWVudGFsSXNJbnB1dFBlbmRpbmciLCJleHBpcnkiOjE1NjA0Mzg3MzYsImlzU3ViZG9tYWluIjp0cnVlfQ==
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011905291911450/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f2ba83c922a59c0700ee00a309cc1dae4596f471164e15f209b3ce6a7d4d6f50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
197797
status
200
date
Sat, 01 Jun 2019 08:44:59 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7403
x-xss-protection
0
server
sffe
etag
"e8c6615e2d387f0d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 08:44:59 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011905291911450/ Frame 0268 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
184061
status
200
date
Sat, 01 Jun 2019 12:33:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76583
x-xss-protection
0
server
sffe
etag
"857f78993ce3bbc0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 12:33:55 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 0268 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
152522
status
200
date
Sat, 01 Jun 2019 21:19:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4935
x-xss-protection
0
server
sffe
etag
"03f1e956731b4c69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 21:19:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 0268 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
64484
status
200
date
Sun, 02 Jun 2019 21:46:52 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38988
x-xss-protection
0
server
sffe
etag
"4064996315d71de9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 01 Jun 2020 21:46:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 0268 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
407343
status
200
date
Wed, 29 May 2019 22:32:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1401
x-xss-protection
0
server
sffe
etag
"1a1e735beccb9943"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 28 May 2020 22:32:34 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 0268 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
171977
status
200
date
Sat, 01 Jun 2019 15:55:20 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
13459
x-xss-protection
0
server
sffe
etag
"9b7689891d979320"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 15:55:20 GMT
truncated
/ Frame 0268 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a5ed4ad6f0094e68f08f7755f8960e7fd3f120001721ffac3bfd198d4e6cc43

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/011905291911450/ Frame A482 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
184062
status
200
date
Sat, 01 Jun 2019 12:33:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76583
x-xss-protection
0
server
sffe
etag
"857f78993ce3bbc0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 12:33:55 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame A482 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
152523
status
200
date
Sat, 01 Jun 2019 21:19:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4935
x-xss-protection
0
server
sffe
etag
"03f1e956731b4c69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 21:19:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame A482 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
64485
status
200
date
Sun, 02 Jun 2019 21:46:52 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38988
x-xss-protection
0
server
sffe
etag
"4064996315d71de9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 01 Jun 2020 21:46:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame A482 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
407343
status
200
date
Wed, 29 May 2019 22:32:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1401
x-xss-protection
0
server
sffe
etag
"1a1e735beccb9943"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 28 May 2020 22:32:34 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame A482 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
171977
status
200
date
Sat, 01 Jun 2019 15:55:20 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
13459
x-xss-protection
0
server
sffe
etag
"9b7689891d979320"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 15:55:20 GMT
truncated
/ Frame A482 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3f4adba8e07b75db52be8f38c2b565ec93b1431433dcb5c2c5d6cf91627fe80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/011905291911450/ Frame B9A4 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
184062
status
200
date
Sat, 01 Jun 2019 12:33:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76583
x-xss-protection
0
server
sffe
etag
"857f78993ce3bbc0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 12:33:55 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame B9A4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
152523
status
200
date
Sat, 01 Jun 2019 21:19:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4935
x-xss-protection
0
server
sffe
etag
"03f1e956731b4c69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 21:19:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame B9A4 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
64485
status
200
date
Sun, 02 Jun 2019 21:46:52 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38988
x-xss-protection
0
server
sffe
etag
"4064996315d71de9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 01 Jun 2020 21:46:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame B9A4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
407343
status
200
date
Wed, 29 May 2019 22:32:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1401
x-xss-protection
0
server
sffe
etag
"1a1e735beccb9943"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 28 May 2020 22:32:34 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame B9A4 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
171977
status
200
date
Sat, 01 Jun 2019 15:55:20 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
13459
x-xss-protection
0
server
sffe
etag
"9b7689891d979320"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 15:55:20 GMT
css
fonts.googleapis.com/ Frame B9A4 		7 KB
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Jun 2019 15:41:37 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 03 Jun 2019 15:41:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:37 GMT
9390354607711101615
tpc.googlesyndication.com/daca_images/simgad/ Frame B9A4 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9390354607711101615
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47979e0a5d84414178aded793f76b4daa12f473370ec2021c83771b043b8b9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 21:17:14 GMT
x-content-type-options
nosniff
age
152663
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
50876
x-xss-protection
0
last-modified
Wed, 22 May 2019 18:39:06 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 May 2020 21:17:14 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12035840617284889599/ Frame B9A4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12035840617284889599/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4017b18e7a8f4ec880145c7f4a799e6ecd8d790448f4991e34bee90ba57400d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 23:29:02 GMT
x-content-type-options
nosniff
age
58355
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
16034
x-xss-protection
0
last-modified
Mon, 15 Oct 2018 21:27:49 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jun 2020 23:29:02 GMT
truncated
/ Frame B9A4 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B9A4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cfc3192e20100ef22ad52dacdfa481302a1d2792bffe50697e4745f89d15cbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/011905291911450/ Frame F776 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
184062
status
200
date
Sat, 01 Jun 2019 12:33:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76583
x-xss-protection
0
server
sffe
etag
"857f78993ce3bbc0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 12:33:55 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame F776 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
152523
status
200
date
Sat, 01 Jun 2019 21:19:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4935
x-xss-protection
0
server
sffe
etag
"03f1e956731b4c69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 21:19:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame F776 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
64485
status
200
date
Sun, 02 Jun 2019 21:46:52 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38988
x-xss-protection
0
server
sffe
etag
"4064996315d71de9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 01 Jun 2020 21:46:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame F776 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
407343
status
200
date
Wed, 29 May 2019 22:32:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1401
x-xss-protection
0
server
sffe
etag
"1a1e735beccb9943"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 28 May 2020 22:32:34 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame F776 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
171977
status
200
date
Sat, 01 Jun 2019 15:55:20 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
13459
x-xss-protection
0
server
sffe
etag
"9b7689891d979320"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 15:55:20 GMT
css
fonts.googleapis.com/ Frame F776 		4 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Jun 2019 15:41:37 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 03 Jun 2019 15:41:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:37 GMT
css
fonts.googleapis.com/ Frame F776 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Jun 2019 15:41:37 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 03 Jun 2019 15:41:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:37 GMT
truncated
/ Frame F776 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a4807a64ee7cb4a860ce10207fb872221646b4d7f3776fbe46c14518c30459d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F1EE 		0
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5UND16PqR18S4L9HOYAMFHVcnEcRZ9Jt2uAoqJOQR9gs28Pg8PxoW1N7qupWP_yPPYdmCVJXKvzvk6OM6odHuNs0Hhc6rpbiDVb5y_VPiWGUaZlcWmD4pszY1vwrvvjye3svdtgYzyPTUy3jtOVddFk77vYbIgvZLwUig4NTD1UwYnGvMj5Amm6_4s-BG7bVTIcpXvJxlaLZuBcIA65fwbrZr2B7O8jgvFcIC3xEDWDb4Ypr3dx3x5s1v_aPJDzPOMSNfM519LmJ_TCFXEyZ2CFIE&sai=AMfl-YRp-Gs56QITAELIu5CjOERx139MLjL3rAT07fyzwdkh6sPPO-gmGZnyoxtb9DQNc7FH00MVM7J-kNA9YvuN5X0BPjxekIzMXzKImNm_GQ&sig=Cg0ArKJSzE7ZyAORBeN0EAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jun 2019 15:41:37 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:37 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F1EE 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7bf5cc86c3864ac00f684f6b619c01d44070bfca139fe2e91f0677501d8ab568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559301155462102"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28384
x-xss-protection
0
expires
Mon, 03 Jun 2019 15:41:37 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 6FCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-33/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3444
date
Sat, 01 Jun 2019 04:54:41 GMT
expires
Sun, 31 May 2020 04:54:41 GMT
last-modified
Tue, 16 Apr 2019 19:37:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
211616
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
8500299841315725430
tpc.googlesyndication.com/simgad/ Frame 0268 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8500299841315725430?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkzYuuz8p3I-wV3qUqx0oyEeZg2ww
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8d319c78ad8562f5729dd995f80a427dbe534975f2ec8d917023f78bb02d2747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 22:00:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Jan 2018 09:29:15 GMT
server
sffe
age
63677
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
28560
x-xss-protection
0
expires
Mon, 01 Jun 2020 22:00:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0268 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 20:15:35 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
69962
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:15:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0268 		295 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 16:12:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
84538
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jun 2019 16:12:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0268 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChYw0sD_1XPzUEMzJ1fAPs56TkAKLi4CIVrbl_urfB-iqtpWLAxABINrXxTlglfrwgYwHoAGToL_dA8gBAqkCozl1eFXCsj7gAgCoAwHIAwiqBKkCT9DDatP76doxlBQXx_4T7KSjAgmmsgF96XkEVWGazVXT4ObjHymiRl6F7cZ8y8a2XKW67U9jnAQwxbPbE1hS9M5AmehEk5tIa8L3La8SRNtiKrqbHRiuKhdya0gaTrdSP7LDVftvY05q1mi22ObL1LrhUXbdoDz0ml-XaYtA0rRxyDfyt143wEy2ik1soYUbCUo7VZxhIJJP7G_jWG76jjeFMw4_mdxy7BfZNXRN-Tt7gC-IQzbjCGA7hWEORwwWARjJkGcSwhgW7UTS21-9naGOFxNohQ5EG351_KvagrNWhhGjneEqA1ZeXJ1N0BB4GJ75vdci0A8TijFKcx8nliDFxQPyhdKQ3GkWcWQdU5ZWL3xd7waWAxpGztnyMZPfzQ_UgT0qwKEf4AQBoAYCgAfV38AiqAeOzhuoB9XJG6gHwdMbqAeB1BuoB4LUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6DWG6gHpr4b2AcB8gcEENeIKNIICQiA4YAQEAEYDfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTAw&sigh=GdbblIU97Io&tpd=AGWhJmv54miKY3XxAmAeKUwC-shgZw0mM3thyF5NlYo4F_6UjA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
12490772543527645483
tpc.googlesyndication.com/simgad/ Frame A482 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12490772543527645483?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnpILYSeiO340sGwRpxGwVHkB3zyw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c7864f9ab5d7d7d5fe49417c384c55dd9941f7aac4e8411213ee80f1c89d8043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 05:44:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Apr 2019 18:50:31 GMT
server
sffe
age
208657
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6000
x-xss-protection
0
expires
Sun, 31 May 2020 05:44:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A482 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 20:15:35 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
69962
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:15:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A482 		295 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 16:12:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
84539
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jun 2019 16:12:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A482 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFRuJsD_1XN3XEMzJ1fAPs56TkAKozOPvVsD056vsCL_hHhABINrXxTlglfrwgYwHoAHXxNvOA8gBAuACAKgDAcgDCKoEpgJP0P1bXwWu-AdC-MutlqU4NJRFs3TM421hNbf1vg1xsgXOH4YH2GjvVHbCRnDRkwz1wpRU3J9yaCf-jugjMN6CsXceIMJB78ZjUGlOAVSlDZa6OP0caAhDTxmwSyINYpVkQ9EuScg27zmfWw0NHXu8I62yh91GOVNZdhIm_WdhH_SYN8oIaOktI8DKDMrjNsriiBoWtfB14yVg6pbCh9XqYfuMCcqAnX8gaZbl_lbpOZ3seVo6JKClYwDaxOASFi5NWthdUltsOVW_xXFx3JJFvuzh3U81g_isAGJ_zVFxDGOMP6MmtvhTOYMRByJG07up-brPhTPCOuXvmORxKuqKliMT-DlVsgXLFcgS7bZC3uKvQaB1rEWHn0RrOL6fhSGyrCjwcLvABM6i2t79AeAEAZIFBAgEGAGSBQQIBRgEoAYCgAeRu6QxqAeOzhuoB9XJG6gHwdMbqAeB1BuoB4LUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6DWG6gHpr4b2AcB8gcEEM2FB9IICQiA4YAQEAEYDfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTDQ&sigh=8kvolALzg5Q&tpd=AGWhJmvAlhRpiCj54hz09kuABqUJv3TE9nDT0WVYl-HKxNVsfg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9A4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 20:15:35 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
69963
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:15:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9A4 		295 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 16:12:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
84539
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jun 2019 16:12:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B9A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CosyTsD_1XIjaEMzJ1fAPs56TkALEqODaVp7Y4s6lCcGhj5UBEAEgx4P8AWCV-vCBjAegAYPbtoMDyAEJ4AIAqAMByAMKqgSpAk_Qx8CHpHZy_iqMcdsn-ei3LmgDOQWK7KBDIeAJKJAIYVq2g3-veKaJXZQTmIQGsTKh_Xz_WHy-B8x6JWdPnuWS5DS_YEbU5_i2E9uhgqQj93pq5N8bslatun-6PtvhK8t0pbzH9SbIbGjFt217qJqcLkdpAoX0d5NTfcA7Erek7HPHaKrghQIFOIBw8eCgY7sa-ADS4-M_WlfCbsrvVM3_BkCxp62GypbsfcmZy53c9UrVb6xXYzAKiezOIhM78ahZbbErfTLjfOIN8iN_VyQdcZ1gFkwqEqhlSvpd9IDq-52UuplWGJmVxoREKJ1gSrAfZIWlrs_txEMfvWqXZPCicWIx6ZNaVGtSeYUr7diGs85uDk4WJnv6s7h4Y1Emo4j_1UvEPGKTi8AEqp-IqfYB4AQBkgUECAQYAZIFBAgFGASgBi6AB5Wp1S-oB47OG6gH1ckbqAfB0xuoB4HUG6gHgtQbqAfg0xuoB7oGqAfZyxuoB8_MG6gHoNYbqAemvhvYBwDyBwQQmIoM0ggJCIDhgBAQARgNgAoB2BMC&sigh=1BjlJx9ujC8&template_id=484&tpd=AGWhJms2gYiMrh_YYWHHn-QmnDDWzGVfIofBnc27q8_9_99DNg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/12752798741317035459/ Frame F776 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12752798741317035459/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4qm5JgaiBNGBzJMeVqC42jWjUyK4ug
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c6a103d6a2819235feca4884d85972cff492d9b3e2203ddb3cbd23d2cd85125e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 10:13:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 13:08:38 GMT
server
sffe
age
106059
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8301
x-xss-protection
0
expires
Mon, 01 Jun 2020 10:13:59 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10404015934066600049/ Frame F776 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10404015934066600049/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlEMcDKtCzzyGoycrDiGWN9Jhcssg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ec2672361d8bad047379f00ae9478db785167e750350d77d1522b9bc201f0e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 16:09:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Jun 2018 14:41:44 GMT
server
sffe
age
171149
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2840
x-xss-protection
0
expires
Sun, 31 May 2020 16:09:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F776 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIk1-sD_1XNjeEMzJ1fAPs56TkAKU3L6OULi5q_u6CMCNtwEQASDa18U5YJX68IGMB6AB7Yvo6wPIAQbgAgCoAwHIAwqqBKYCT9DMkUSU-znwPn9EOHQJmW1kx_4WFQmSTRspL5UctcGosSd3EOAaA1SWBAiUAHgKFlMeZi0p_BbCXP4es7jjpI7wzD8X5LvdUMXp5FC6IVyUNniunOZJeur7zUrf17ylHSh1js5j-vOkwy0T8aDhHu36sqZPej3ojSYGVwbk7Wo3VFUUGzR7fJ3fAkfZkfapSD8HgQXGQtlOFZg8rXbRhcJvK8JR6XJyn-9eiCQfoyogqrbxSsCDjOUMOSKVUvM0CBFXssBc00KT2aqkz_51a8YefsM3dOwGQ7eTVNla4sUsuYUoCSZqhZ9-h_MYoWvWNyGTpSf9GPdMgX5IkBvOveGbVjRk6QoEdWx5S5x6cV4g2udDvo5yqtjswTDdvCoiovVyMRBxwASt1dehvQHgBAGSBQQIBBgBkgUECAUYBKAGN4AH68_cNqgHjs4bqAfVyRuoB8HTG6gHgdQbqAeC1BuoB-DTG6gHugaoB9nLG6gHz8wbqAeg1huoB6a-G9gHAfIHBBDolAvSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwyIFAE&sigh=SV3Zbar1Bks&template_id=492&tpd=AGWhJmvdS27F6dy1PY5Z4mc0QUHgResBcvc6lo4lpg0R5yvXnA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F776 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 20:15:35 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
69963
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:15:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F776 		295 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 16:12:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
84539
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jun 2019 16:12:39 GMT
sd
us-u.openx.net/w/1.0/ Frame 91E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH7TKxVxATsHVas71KpdCsY&google_cver=1
0
0
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame B9A4 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 16:28:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
83568
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Mon, 01 Jun 2020 16:28:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame B9A4 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 03 Jun 2019 02:07:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
48848
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Tue, 02 Jun 2020 02:07:31 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ Frame B9A4 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 04:36:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
126329
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 04:36:10 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ Frame F776 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 04:36:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
126329
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 04:36:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame F776 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 07:50:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
114681
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Mon, 01 Jun 2020 07:50:18 GMT
c
c.pub.network/ 		36 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
1f345d4a24b7fc4402da5ebdd6dd0a0ccd06df429394f3bbb6490f07c7c1f5c3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:39 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3086992626336173&correlator=1643962812331957&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062456%2C21062819&vrg=2019052302&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190603&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3Ddbb0af2aca839c7e%3AT%3D1559576496%3AS%3DALNI_MZsudX5dtu1nkx0QC53551qeNGszg&cookie_enabled=1&bc=31&abxe=1&lmt=1559048143&dt=1559576499446&dlt=1559576488997&idt=4507&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1105&adks=3056404191&ucis=f&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&dssz=54&icsg=149533757546496&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&psts=CisI7by9nRLoAf7Q9oSDBIAC-t3hBoAC8t7hBoACob7d9lDRAmuE5ngBtBom&ga_vid=1804342404.1559576491&ga_sid=1559576492&ga_hid=664172114&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
9976b9106d34a70114d769687c64e0603007f8c4c17146dda592ec4cdbffc46c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 03 Jun 2019 15:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10226
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
134240187179576
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fb6dc0640f00bb5170a802c1c243f7167b61db0d6bce43d4d8e72487397bf93a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56214
x-xss-protection
0
pragma
public
x-fb-debug
UMiN61hQWYMhWE9CFVJ8Tiz0YMQFXE+18KVXk1QPqTGwUBsL7H/Wa81QKjmO/jomJ5CVdIYTe/Bw/7sVZ7zjGA==
date
Mon, 03 Jun 2019 15:41:39 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.c...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer....
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.200.131 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a96-17-200-131.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1559576499606&ns_c=UTF-8&cv=3.1&c8=A%20Closer%20Look%20at%20the%20RobbinHood%20Ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c9=
Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 14:52:10 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
2986
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA54
x-amz-cf-id
PQ5ysVDF9QcoNQpsXm47ghG1PSv4xy110xQ0AQvvyg5JTmd1lPXPqQ==
via
1.1 420810dc8ca5cb74b64cae9e4b264cc9.cloudfront.net (CloudFront)
Cookie set checksync.php
hbx.media.net/ Frame 74F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
hbx.media.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Server
Apache
Content-Type
text/html; charset=UTF-8
Set-Cookie
gdpr_status=1; Expires=Thu, 05 Dec 2019 15:41:41 GMT; domain=.media.net; Path=/; visitor-id=2025781020724645000V10; Expires=Tue, 02 Jun 2020 15:41:42 GMT; domain=.media.net; Path=/;
X-MNET-HL2
E
P3P
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=28216
Expires
Mon, 03 Jun 2019 23:31:58 GMT
Date
Mon, 03 Jun 2019 15:41:42 GMT
Content-Length
6511
Connection
keep-alive
amp4ads-v0.js
cdn.ampproject.org/rtv/011905291911450/ Frame 2F75 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
184065
status
200
date
Sat, 01 Jun 2019 12:33:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76583
x-xss-protection
0
server
sffe
etag
"857f78993ce3bbc0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 12:33:55 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 2F75 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
152526
status
200
date
Sat, 01 Jun 2019 21:19:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4935
x-xss-protection
0
server
sffe
etag
"03f1e956731b4c69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 21:19:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 2F75 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
64488
status
200
date
Sun, 02 Jun 2019 21:46:52 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38988
x-xss-protection
0
server
sffe
etag
"4064996315d71de9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 01 Jun 2020 21:46:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 2F75 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
407346
status
200
date
Wed, 29 May 2019 22:32:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1401
x-xss-protection
0
server
sffe
etag
"1a1e735beccb9943"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 28 May 2020 22:32:34 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011905291911450/v0/ Frame 2F75 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905291911450/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
171980
status
200
date
Sat, 01 Jun 2019 15:55:20 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
13459
x-xss-protection
0
server
sffe
etag
"9b7689891d979320"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 31 May 2020 15:55:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F75 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 20:15:35 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
69965
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jun 2019 20:15:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F75 		295 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 16:12:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
84541
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jun 2019 16:12:39 GMT
truncated
/ Frame 2F75 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67f67145ad682fff4000e8b27127baa0e9b4af72d4731655c1e0f434ec7f3663

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
3963370173998455028
tpc.googlesyndication.com/simgad/ Frame 2F75 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3963370173998455028?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk1ezckd2qSswh1eojDDmEkxLxx7Q
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
749ed95a2c0cef002224f1cbbb09c7e30f5d317a83a10381ee7e4be937441d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 07:00:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Jun 2018 21:37:16 GMT
server
sffe
age
31242
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13229
x-xss-protection
0
expires
Tue, 02 Jun 2020 07:00:58 GMT
l
www.google.com/ads/measurement/ Frame 2F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLLFtW9e6hFj_7nyPSA82arIXLXDLmYZWzgxP8NlQJjuSeDj6wFGhzrdeQj9SFvJp9D69eHGYScxRO6P6MTGsmsxW9ew
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
B21456287.229688350;dc_pre=CLGksJrTzeICFY-HdwodNXcCUw;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 2F75
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_pre=CLGksJrTzeICFY-HdwodNXcCUw;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_...
42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_pre=CLGksJrTzeICFY-HdwodNXcCUw;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:40 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21456287.229688350;dc_pre=CLGksJrTzeICFY-HdwodNXcCUw;dc_trk_aid=427692958;dc_trk_cid=103966985;ord=801713851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiqZnsz_1XJTFH8vB1fAPl7mDoAnBrNDqVq7o--yICIuywOalCRABINrXxTlglfrwgYwHoAHv9Y7bA8gBAuACAKgDAcgDCKoEqQJP0FzY0GZQi73FhMyEbOmKMAlVb4Gv_KjXVYpemQGDHJT6tUtpiOvMaYnnM1lPPZRjQnnFyNzjr_Sg4HIOA7_dmvsawi5qobFLA7F8yFN1VK6ZXtgrxzmG-47IjYBeIgJ7sUoZbXOx82NySNhhnX65-7VeKBVxI_M-wIlnd0ZQwi5wadw68gZ6CBHuKkj4bf0yjUvPKGUZVTp0cnx64-u3rpNzuTU-OCz7XbiPf9Y14302FJtC7jW0MVdzQsi447UI4ElAwMSeNU8h56syOM6fcaOw30yD6lP2VxdItYN3mhPopeDZKCpJDoXdiPSlCa_PELdLhenxcee69NIge1piAL4kg42N31ukTB5yfbAutWiPHYNM1pWicEPv7Di9thdQ76_B0SSq5zbABL61pMKWAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeetpspqAeOzhuoB9XJG6gHwdMbqAeB1BuoB4LUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6DWG6gHpr4b2AcB8gcEEIbkIdIICQiA4YAQEAEYDfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTDA&sigh=rnQ169YDPeQ&tpd=AGWhJms2yiaDqi4Nn4qQyD7CZ827nps48H2utNCO65Xe9hGN5Q
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
c
c.pub.network/ 		36 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
1f345d4a24b7fc4402da5ebdd6dd0a0ccd06df429394f3bbb6490f07c7c1f5c3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:40 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
av
connatix-d.openx.net/v/1.0/ Frame 91E4 		48 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&cb=961ae267dae9c7e197931559576499768&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:40 GMT
content-encoding
gzip
server
OXGW/16.146.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
expires
Mon, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0268
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Jun 2019 15:41:41 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
246
x-xss-protection
0
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
6JbcfADhWM9B4AulUZPiCAdbmomvphKHv4kjApf6YRUECDIzN2NdY/7YmKdKwREH7JIb8ZrEMN24SNTJG60HJw==
date
Mon, 03 Jun 2019 15:41:41 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F776
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Jun 2019 15:41:41 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A482
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Jun 2019 15:41:41 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
246
x-xss-protection
0
t
jadserve.postrelease.com/ 		97 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:41 GMT
content-encoding
gzip
server
nginx/1.12.1
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&rl=&if=false&ts=1559576501378&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1559576501376.650092256&it=1559576499512&coo=false&rqm=GET
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 03 Jun 2019 15:41:41 GMT
/
www.facebook.com/tr/ 		44 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&rl=&if=false&ts=1559576501381&cd[freestar]=093aed4b-11a1-4683-8912-838169728a09&cd[client]=392&cd[site]=535&cd[page]=ff9a53d1e300d877fb1fc9dc91c1c9c8&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1559576501376.650092256&it=1559576499512&coo=false&rqm=GET
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 03 Jun 2019 15:41:41 GMT
r
amp-error-reporting.appspot.com/ Frame 0268 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
c
c.pub.network/ 		36 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
1f345d4a24b7fc4402da5ebdd6dd0a0ccd06df429394f3bbb6490f07c7c1f5c3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:41 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
hb
ssc.33across.com/api/v1/ 		117 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
da0f8f4c503c738fd110403a5cd473bb6d6570661a478dd606e9930cbfd785fa

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
4691bc6a8f6624b5dd2a2a790ce82232469d02fa0c8470c67a40d2ee1181a67e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
d773abd067fc371894f63b1f85110e33d25e586a024497473ecef7d305aa068b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
f3a35abdc0f890208bfcb2295432e9e7499c471daacd2705b45f9a9f3a579bbe

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
5547e471372fe6cae5297dba41bf1c0f4b7ed49535de6651e1306b9f7c09d53c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
7cb2aca35ecb4c7bb3ce3fdc511d199d7b654f79395a98fcc1a7b54cdd7cc71a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
be4b8a8c56763d5a262e8506296a1423720cc130dad340e9a8c57ee125766e21

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		117 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
20cea22f74e65283086e38b8592330f121b47c82ad09281d76d0be867382a0c8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
92585631b72efd654cdfc75b71ecdddf66fed252c45e5e99f7c9873d32d4a566

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
d43763b539d5dff2dc235e28e362bda5d63d621cf7a082722107d94f596773b7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
226fd472756d5f3100371df3f39be8b1ddb5b5dfb53d8fc832f52a27cead13f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
c10436f1fa0df638e75b492f56678ade07486f56cb237c7c01fb03b7f3111e7b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		101 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
21490019917dfc5ec2694c6fd37b58bc39fce8b7dc2dbed376fc84e7e8078f2e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		101 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69b2a0f65b5435b203e0d81abc166510540a55f4f14d95dbbc77379a2741cba9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		101 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3c43577c9b7856d1dfef0fa8e474231f179f8ddf1fa4fa301c8ba0128e1077f4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
/
hb.emxdgt.com/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1559576501680
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.23.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-23-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7042f252e1366aa2514e1a2e923e9a5de4e2fb9f1414c164944b59a3ed47023b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
8357
prebid_display
display.bfmio.com/ 		0
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		584 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dca5e7aac01bf10982ef0bcadbb9ec59c81ed79f33b7b916cce95c38910fecc9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:41 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
584
expires
0
HeaderBiddingService
ssp.pub.network/ssp-server/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.pub.network/ssp-server/HeaderBiddingService
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.202.179.74 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
74.179.202.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
c47c7316f7039c307e59a101cabb753966b6278a6739bb157014de9e17f1391b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 03 Jun 2019 15:41:41 GMT
Server
Apache-Coyote/1.1
Vary
Origin
Access-Control-Allow-Methods
POST
Content-Type
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
arj
freestar-d.openx.net/w/1.0/ 		174 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=8708ed68-1c69-4faa-9852-49c0eadd25bb%2C61e4c675-02cb-404d-b7c2-7fc6b999cdfe%2C5048b243-c468-4e27-acbc-d9af14afe88b%2C0accdc1f-372c-494d-8a14-ba99e7515f71%2C2f68e2ed-fccd-4ca7-b0a8-7f07cc35d83d%2Ce8e97590-af2c-4ed4-85d4-5f65146bd1e2%2C942520df-2aed-4c61-84ec-4eb49c4c7a99&nocache=1559576501700&x_gdpr_f=1&pubcid=4740329e-70d2-45ce-b222-f604f40e3deb&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600%7C728x90%2C970x90&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
aaa5f98a63fa837b195d5d095fdd639b94f178b44e037a784eacc3cd3128180a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:41 GMT
content-encoding
gzip
server
OXGW/16.146.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
0
v2
i.connectad.io/api/ 		234 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7e288b29c4288deff04af0456d7d643a5888edb729625d5c21b69a421626

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
4e12c5d06eb3befb-FRA
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		838 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e59c59524fa1f99be7b643ac7eb227befbb749b31791542162728febf0206669
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 03 Jun 2019 15:41:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.249.64.174; 89.249.64.174; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
321568d5-e7c3-41c5-85ba-2e617495efc1
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=8708ed68-1c69-4faa-9852-49c0eadd25bb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8464282476540974
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
783d23220a099bc9129aa52026284db92e20b15f398ed97b6a1fd5327ab6f80b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:41 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
1547
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=61e4c675-02cb-404d-b7c2-7fc6b999cdfe&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26471091383348266
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
8fbb40960dd4ddbd54f414d5d06683c844f34702a0137883a0e430a1df01d97a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=1
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		257 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=5048b243-c468-4e27-acbc-d9af14afe88b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8647096484024568
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
c61b2497bb9bb263ddf55f9fe2bd20a0f61e3480f64d78f83a40e17c82eb331c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=5
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=0accdc1f-372c-494d-8a14-ba99e7515f71&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7434665117363692
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5c94d5869805bed362e6056343157d31a81d54cef0376c2be1b9163247e50b91

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
1549
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=2f68e2ed-fccd-4ca7-b0a8-7f07cc35d83d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8333478823046081
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
6170d68d4e70b5cd265878a847d52818a4e1dc523297b0caa98cac1a559341ce

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=1
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		257 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=e8e97590-af2c-4ed4-85d4-5f65146bd1e2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.17771426145009217
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
009705cc7a6c03bfda51be9f00c2cfb3fcde46ba68ac2698430eaf1f8e11cb58

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=6
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=942520df-2aed-4c61-84ec-4eb49c4c7a99&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.03935670211623754
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
469012a7943f6dda7e3bdddf3a1cce32b6e14ba0f5f6b3cf27d5629f865fa3f0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:42 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=7
Content-Length
1514
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=119822842925b6bd&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=12048f1c221a915b&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=1215ddb172d9d1be&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=1229ceb77a1edec4&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=123228c59c778b3e&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=124d7f302d328e71&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-128-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
r
amp-error-reporting.appspot.com/ Frame A482 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
r
amp-error-reporting.appspot.com/ Frame F776 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jun 2019 15:41:41 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
/
www.facebook.com/tr/ Frame D0F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
6958
pragma
no-cache
cache-control
no-cache
origin
https://www.bleepingcomputer.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
cookie
fr=01M6N1LAAbfuuwrYo..Bc9T-1...1.0.Bc9T-1.
Origin
https://www.bleepingcomputer.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 03 Jun 2019 15:41:42 GMT
c
c.pub.network/ 		36 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
1f345d4a24b7fc4402da5ebdd6dd0a0ccd06df429394f3bbb6490f07c7c1f5c3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:42 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
r
amp-error-reporting.appspot.com/ Frame B9A4 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
adview
securepubads.g.doubleclick.net/pagead/ Frame 0268 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ6R8sD_1XPzUEMzJ1fAPs56TkAKLi4CIVrbl_urfB-iqtpWLAxABINrXxTlglfrwgYwHoAGToL_dA8gBAqkCozl1eFXCsj7gAgCoAwGqBKkCT9DDatP76doxlBQXx_4T7KSjAgmmsgF96XkEVWGazVXT4ObjHymiRl6F7cZ8y8a2XKW67U9jnAQwxbPbE1hS9M5AmehEk5tIa8L3La8SRNtiKrqbHRiuKhdya0gaTrdSP7LDVftvY05q1mi22ObL1LrhUXbdoDz0ml-XaYtA0rRxyDfyt143wEy2ik1soYUbCUo7VZxhIJJP7G_jWG76jjeFMw4_mdxy7BfZNXRN-Tt7gC-IQzbjCGA7hWEORwwWARjJkGcSwhgW7UTS21-9naGOFxNohQ5EG351_KvagrNWhhGjneEqA1ZeXJ1N0BB4GJ75vdci0A8TijFKcx8nliDFxQPyhdKQ3GkWcWQdU5ZWL3xd7waWAxpGztnyMZPfzQ_UgT0qwKEf4AQBoAYCgAfV38AiqAeOzhuoB9XJG6gHwdMbqAeB1BuoB4LUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6DWG6gHpr4b2AcB8gcEENeIKNIICQiA4YAQEAEYDfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTAw&sigh=sjRxizSIoXk&vt=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0268 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvU-AM0gixMN0hAEd5qhJ-hzmeFBZWXsfySajUHh7F52RPOctFsGr81RxyAYkI9B9OdPa3jS9VXaYubyKs5B9QJazsvp8ugwP02XeQKX5z3muwr4I8GVw&sai=AMfl-YTcFrqXLGNN2Db8Kk4WEA0GDhQcrSqQUvb1AXhx0ixaBnshtzBsexjoAeftoaBFCAHqx2uyEJ_5mr3Icay35lfzWXd2mOvxsw0blPoebA&sig=Cg0ArKJSzBO_RsKRPzJuEAE&id=ampim&o=436,146&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=749&tls=1749&g=100&h=100&pt=4632&tt=1750&rpt=4632&rst=1559576496797&r=v&adk=960084856&avms=ampa
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B9A4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqbZiuDbUzrS_HrwvNZPrpXk0_Pm4yqha4yVk1OGakpFmDbNFj7Y4lvcT7Xcnq-BFQzh5-vDN-PSYR24tZUV_0WJjfat3JWR5YjLG2et3ZDujxFxqx0A&sai=AMfl-YQWIxbeVd56Y5SAXDvBtT8JphCvm5q2e3HsxIC7bqbEa0tdJBV3EHEl8kC53n8vp4x_sYza2JKxMTE56qOjXTxt9-Bco3HTnLDf9rixBA&sig=Cg0ArKJSzBfq0VfKLYWVEAE&id=ampim&o=1082,327&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1032&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&tfs=640&tls=1672&g=100&h=100&pt=4186&tt=1673&rpt=4186&rst=1559576497040&r=v&adk=771041174&avms=ampa
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F75 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBnXPPpAA6eIx7QV3ssz2gCGpVemGZpUr0APyLGIPSAwOth9O6HqQl5e2ezsVDoxmvAbIcTvbkxa7UIUQNsP_rPSuYx_ey4PuWSV6y_spPF8gO5bW_bsu4hDELtyMD8mK-Fo0fD6YGwHEt4A&sai=AMfl-YRgGG_RAzwXl7m0VTlhJJnn9cLkaBkDfYJlTCdu-A5cqqZDLIbqy8NwOfKWSOWC2bmwOr4Sh-JOsIfB6A_MQSfyHvUi9a6BRxmhJEoUADwLqt519koyfDpRAmmt&sig=Cg0ArKJSzBbp0bSVtfZvEAE&cid=CAASF-RofddYIl-hfVtSOUKgw4bO2vMB_BH9&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=177&tls=1182&g=100&h=100&pt=1425&tt=1182&rpt=1425&rst=1559576500076&r=v&adk=3056404191&avms=ampa
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame 2F75 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jun 2019 15:41:42 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
c
c.pub.network/ 		36 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
0f6d9ef5af10cc7a0e50ce53db11fca7ff3631a732f0139a20572daea0b02864

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 03 Jun 2019 15:41:43 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin
Content-Type
text/plain;charset=utf-8
v1
dmx.districtm.io/b/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 03 Jun 2019 15:41:44 GMT
server
nginx/1.13.12
access-control-allow-origin
https://www.bleepingcomputer.com
vary
origin
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
hb
ssc.33across.com/api/v1/ 		119 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
b669e15c9162f3e4c98b7f4106a50078286c6220aa34df5f5f8779a69a685f63

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		119 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.251.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-251-174.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
d757fe6531ea9a006a7b96e8c3aef61cbaa67d767df42fa664da9f6830605dc4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
arj
freestar-d.openx.net/w/1.0/ 		174 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=b08460b3-8af7-4bb7-af01-11b8f3f80d7e&nocache=1559576504239&x_gdpr_f=1&pubcid=bd51f3ad-cb91-4ef1-8d2f-80cf9d4ec310&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
cc5e259cd4f3b449c1c687b42562292da80155680899ff93dcaa3cd1c271f64e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
server
OXGW/16.146.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=b08460b3-8af7-4bb7-af01-11b8f3f80d7e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6145598453891052
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
535b0b6142931b8460b3e29e2eb6ec0023399b6ca17a96d7cb23f525c5c36ac1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:44 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=8
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
HeaderBiddingService
ssp.pub.network/ssp-server/ 		900 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.pub.network/ssp-server/HeaderBiddingService
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.202.179.74 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
74.179.202.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
20647f6d3bb0a03c8dcfdfe0e50cd0116b96aa2378cdb58ab49dad62d6c91e16

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 03 Jun 2019 15:41:43 GMT
Server
Apache-Coyote/1.1
Vary
Origin
Access-Control-Allow-Methods
POST
Content-Type
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b9f52c06e3f1fd8d6114a03d5ebcae8b555cf6c5d060930d074efc78d117154
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 15:41:46 GMT
X-Proxy-Origin
89.249.64.174; 89.249.64.174; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.15:80
AN-X-Request-Uuid
3c0b802a-909b-485d-9520-1e6348b221ad
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		55 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-31-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v2
i.connectad.io/api/ 		97 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2feb1d4156d7bb554fb6eb8a34f100a91d01d43d6d646560c8a1237224d2ef1c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jun 2019 15:41:44 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
4e12c5dfbedabefb-FRA
alt-svc
clear
via
1.1 google
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
37be31eaba43877852759100f234b7a464534a6f53fd00eea03af2e3c5e89a49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 15:41:44 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
prebid_display
display.bfmio.com/ 		130 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.121.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-121-89.compute-1.amazonaws.com
Software
/
Resource Hash
49d07481a945b50138df6d182b6fdb53510ff7ac8fcd331865cc97f83c9ab565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
140
v1
dmx.districtm.io/b/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Jun 2019 15:41:45 GMT
server
nginx/1.13.12
status
204
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
g
rtb.connatix.com/ 		107 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_ivt=0&connatix_sess=U5K4f-u469LI2nE7r8AgEUGUn_q5tRJu8FqMOg4odVoVkllK8_gZLG4hkVOq1jrRvZ9wKg7rRmplph4wcQdKIiHDj9DG_pTNzAPpL59HtsRF0g929Ti6u1ZRFHOrkHxE3ySF_Qma8MonELJZksXqiG0zMWpOCZRuCEvZrQ5JG2h0GAzo142Vv0W4YTuDlu3q&notServed=false&xplr=false&c_s=false&c_pl=amo7k7z713fCHRc_kPhLtkdvJQ5VKj5-AiBrq3HPtBnyFDkZ6N8bPzEgNqkJgw539RDl7MdbeLtkKLCzOTpATY9cLccpF3THO643IBN5T4hUtiXxCcdSuoBD9AmasDY6nF9jUFynjM5bGDcWVYMRkKGJpcKQalQqX1qKF82bfuQZH6fG4zz8L7zgVOAvyaiQyHDckQ4rY6GYxx79hCsKCxMtlchjYQ3eaeqSAmW2hkF_it3Fpok93OvOokFclpT5GTdsqLmsyhWskdu2MxKNtg&gdpr=1&med_id=639404&request_guid=8e2a1b547359e77b7ef01559576505233&req_no=1&c_f=[{id:12393,r:1,i:0,sr:1},{id:13706,r:1,i:0,sr:1},{id:12388,r:1,i:0,sr:1}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&callback=cnxJSONP_c55af03778de1aa192b21559576505233
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.118.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-230-118-21.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
ccea328deaafa36f36564bf97e8be72ce6e52a537eed42ec611b30b0e9e37df6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jun 2019 15:41:45 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
122
sync_iframe
sync.bfmio.com/ Frame 1CD8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1559576504348
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.142.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-203-142-219.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

access-control-allow-origin
*
Content-Type
text/html
Content-Length
217
Connection
keep-alive
sync_iframe
sync.bfmio.com/ Frame B13F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.142.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-203-142-219.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

access-control-allow-origin
*
Content-Type
text/html
Content-Length
217
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 88D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.172.253 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-75-172-253.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Vary
Accept-Encoding
ETag
W/"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 02 Jun 2020 15:41:49 GMT
Date
Mon, 03 Jun 2019 15:41:49 GMT
Connection
keep-alive
v2
de.tynt.com/deb/ Frame AE58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 04 Jun 2019 15:41:49 GMT
content-type
text/html
content-length
75
date
Mon, 03 Jun 2019 15:41:49 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
v2
de.tynt.com/deb/ Frame 74DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 04 Jun 2019 15:41:49 GMT
content-type
text/html
content-length
75
date
Mon, 03 Jun 2019 15:41:49 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
v2
de.tynt.com/deb/ Frame 9564 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 04 Jun 2019 15:41:49 GMT
content-type
text/html
content-length
75
date
Mon, 03 Jun 2019 15:41:49 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
sync
eb2.3lift.com/ Frame C90D
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.149.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-149-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
cookie
tluid=16946571673603532841
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html; charset=utf-8
content-length
531
set-cookie
sync=CgkIcxC894PwsS0KCgjmARC894PwsS0KCQgJELz3g_CxLQoKCKkBELz3g_CxLQoJCDoQvPeD8LEtCgoIvQEQvPeD8LEtCgoIjgEQvPeD8LEtCgoI3gEQvPeD8LEtCgkIHxC894PwsS0KCQhfELz3g_CxLQ==; Max-Age=7776000; Expires=Sun, 1 Sep 2019 15:41:49 GMT; Path=/sync; Domain=.3lift.com tluid=16946571673603532841; Max-Age=7776000; Expires=Sun, 1 Sep 2019 15:41:49 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Mon, 03 Jun 2019 15:41:49 GMT
content-length
0
set-cookie
tluid=16946571673603532841; Max-Age=7776000; Expires=Sun, 1 Sep 2019 15:41:49 GMT; Path=/; Domain=.3lift.com
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
eu-u.openx.net/w/1.0/ Frame 9CF4
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
cookie
i=5206804d-161c-02bf-2cdd-be05da5ee476|1559576509
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
vary
Accept
set-cookie
i=5206804d-161c-02bf-2cdd-be05da5ee476|1559576509; Version=1; Expires=Tue, 02-Jun-2020 15:41:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1559576509|mOsLgqgikin0fcmWiygu; Version=1; Expires=Tue, 18-Jun-2019 15:41:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html
content-encoding
gzip

Redirect headers

status
302
set-cookie
i=841f28fb-dfde-0ced-0036-30fbf69adc51|1559576509; Version=1; Expires=Tue, 02-Jun-2020 15:41:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Mon, 03 Jun 2019 15:41:49 GMT
content-length
0
v2
de.tynt.com/deb/ Frame C337 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 04 Jun 2019 15:41:49 GMT
content-type
text/html
content-length
75
date
Mon, 03 Jun 2019 15:41:48 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cookie set check.html
biddr.brealtime.com/ Frame BF15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Date
Mon, 03 Jun 2019 15:41:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2882ee287cf58e180f93ee1c5432d3cd1559576509; expires=Tue, 02-Jun-20 15:41:49 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
avkWHamSa/erPUleuk0LWmMdY13rHAUH9XtVYo0zn6Ug6D/WocMJevI/iMkGH//Hs1TrOgDrcJs=
x-amz-request-id
41EC72810F7ED8D6
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Expires
Mon, 03 Jun 2019 15:42:49 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4e12c5fe8e339d66-AMS
Content-Encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame D909 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0379c98d56e118b66dee46041a7af22e1559576509; expires=Tue, 02-Jun-20 15:41:49 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
expires
Mon, 03 Jun 2019 23:41:49 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e12c5fe8922befb-FRA
content-encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame C183
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
cookie
i=5206804d-161c-02bf-2cdd-be05da5ee476|1559576509
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
vary
Accept
set-cookie
i=5206804d-161c-02bf-2cdd-be05da5ee476|1559576509; Version=1; Expires=Tue, 02-Jun-2020 15:41:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1559576509|mOsLgqgikin0fcmWiygu; Version=1; Expires=Tue, 18-Jun-2019 15:41:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html
content-encoding
gzip

Redirect headers

status
302
set-cookie
i=5206804d-161c-02bf-2cdd-be05da5ee476|1559576509; Version=1; Expires=Tue, 02-Jun-2020 15:41:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Mon, 03 Jun 2019 15:41:49 GMT
content-length
0
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4E14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.172.253 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-75-172-253.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Vary
Accept-Encoding
ETag
W/"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 02 Jun 2020 15:41:49 GMT
Date
Mon, 03 Jun 2019 15:41:49 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame EB96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:13e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html
set-cookie
__cfduid=dc9442f258922117f1c9b93aaf37cc4601559576509; expires=Tue, 02-Jun-20 15:41:49 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e12c5fef9a8d6b9-FRA
content-encoding
br
index.html
cdn.districtm.io/ids/ Frame AA45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:13e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html
set-cookie
__cfduid=dc9442f258922117f1c9b93aaf37cc4601559576509; expires=Tue, 02-Jun-20 15:41:49 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e12c5fef9abd6b9-FRA
content-encoding
br
connectmyusers.php
cdn.connectad.io/ Frame 4B7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
date
Mon, 03 Jun 2019 15:41:49 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0379c98d56e118b66dee46041a7af22e1559576509; expires=Tue, 02-Jun-20 15:41:49 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
expires
Mon, 03 Jun 2019 23:41:49 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e12c5fe8923befb-FRA
content-encoding
gzip
v2
de.tynt.com/deb/ Frame E8DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 04 Jun 2019 15:41:49 GMT
content-type
text/html
content-length
75
date
Mon, 03 Jun 2019 15:41:49 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
usync.html
eus.rubiconproject.com/ Frame BE62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 30 May 2019 17:53:28 GMT
Content-Encoding
gzip
Content-Length
7539
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=34399
Expires
Tue, 04 Jun 2019 01:15:08 GMT
Date
Mon, 03 Jun 2019 15:41:49 GMT
Connection
keep-alive
Vary
Accept-Encoding
1x1.gif
s3.amazonaws.com/brt-appnexus-cookie-sync/
Redirect Chain
  • https://edba.brealtime.com/
  • https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.32.98 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 15:41:50 GMT
Last-Modified
Fri, 10 Nov 2017 21:53:47 GMT
Server
AmazonS3
x-amz-request-id
87CD9C156B309F88
ETag
"d89746888da2d9510b64a9f031eaecd5"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
42
x-amz-id-2
gBcZr3qA7YrweznFOX21nfFsCN6fDI6JI3MnGWTF6uS/Kt9EWqHZh72ER1HViumGc5rx6qcmwu4=

Redirect headers

Date
Mon, 03 Jun 2019 15:41:49 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Location
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4e12c5fe8b0ebbfa-LHR
Expires
Thu, 01 Jan 1970 00:00:01 GMT
g
rtb.connatix.com/ 		101 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_ivt=0&connatix_sess=U5K4f-u469LI2nE7r8AgEUGUn_q5tRJu8FqMOg4odVoVkllK8_gZLG4hkVOq1jrRvZ9wKg7rRmplph4wcQdKIiHDj9DG_pTNzAPpL59HtsRF0g929Ti6u1ZRFHOrkHxE3ySF_Qma8MonELJZksXqiG0zMWpOCZRuCEvZrQ5JG2h0GAzo142Vv0W4YTuDlu3q&notServed=false&xplr=false&c_s=false&c_pl=amo7k7z713fCHRc_kPhLtkdvJQ5VKj5-AiBrq3HPtBnyFDkZ6N8bPzEgNqkJgw539RDl7MdbeLtkKLCzOTpATY9cLccpF3THO643IBN5T4hUtiXxCcdSuoBD9AmasDY6nF9jUFynjM5bGDcWVYMRkKGJpcKQalQqX1qKF82bfuQZH6fG4zz8L7zgVOAvyaiQyHDckQ4rY6GYxx79hCsKCxMtlchjYQ3eaeqSAmW2hkF_it3Fpok93OvOokFclpT5GTdsqLmsyhWskdu2MxKNtg&gdpr=1&med_id=639404&request_guid=b3bdf284917f296d1fc31559576520233&req_no=2&c_f=[{id:12393,r:2,i:0,sr:2},{id:13706,r:2,i:0,sr:2},{id:12388,r:2,i:0,sr:2}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&c_v=1494_0_0_0_0&callback=cnxJSONP_9479bf0a8dee86f2573e1559576520233
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1494/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.200.205 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-200-205.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
7479c9913ebaa8619f37e0c7815d5a648d1686dff0397af59d63e005378b6391

Request headers

Referer
https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jun 2019 15:42:00 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
116

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH7TKxVxATsHVas71KpdCsY&google_cver=1
Domain
display.bfmio.com
URL
https://display.bfmio.com/prebid_display
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=1.32.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fa-closer-look-at-the-robbinhood-ransomware%2F&tmax=1200
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=125ed928c31db5b5&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=12636aea6199e6be&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=127317865d48844d&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=128c54cd18534235&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=1296002f9286c6ea&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=1300cb90753eefa8&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=131ab8e2b8e6bc75&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=13247c97fc1fc015&placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=133133571fee4a7&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=13446100825d858c&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=13588ddbbbbf1d1c&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| elem object| scpt function| __cmp object| adsbygoogle object| google_tag_manager object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars string| GoogleAnalyticsObject function| ga function| Blazy object| jQuery1111016280010852166216 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf function| _ object| fsdata function| load_script object| googletag object| pbjs function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| _typeof object| _0x29f5 function| _0x2b8b object| BT object| closure_memoize_cache_ object| oattr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| __cmpui boolean| cnx_poly object| cnxBindings function| cnxUnbind object| cnxtimeouts object| cnxintervals function| cnxSetTimeout function| cnxSetInterval function| cnxClearAll object| cnxUmm string| btID function| pbjsChunk object| __core-js_shared__ function| JSEncrypt string| cnxPageGuid object| cnxJSONP_f166ae7b5fa466efe9671559576492911 boolean| google_noFetch boolean| google_DisableInitialLoad object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| atajsshctcbwnpzR function| atajsshctcbsWGCW object| _qevents object| advBidxc object| _comscore object| cnxJSONP_cbd5df663fba86d880bb1559576495232 function| sha256_H28SdxWrZ387Ldn0qogCzFiUDDxfPiNIyJX7BECQkDE function| Goog_AdSense_OsdAdapter function| fbq function| _fbq object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| udm_ object| ns_p object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions function| _mR function| _mD function| CMD function| initCmd object| $jscomp object| ntv number| ntvLoadStart undefined| nQuery object| prdom function| ntvInsertTracking function| ntvTrackingUrlUtil function| ntvStopWatch function| ntvTimeOnContentStopWatch function| ntvGetElementViewability function| ntvViewableImpressionTracker function| ntvArticleTracker function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript object| ntvToutAds object| PostRelease function| parcelRequire function| TrackerFactory function| _MOAT function| _Viant object| businessLogic object| cnxJSONP_c55af03778de1aa192b21559576505233 function| cnxAddEventListener

1 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/ Name: _pubcid
Value: bd51f3ad-cb91-4ef1-8d2f-80cf9d4ec310

14 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 5)
Message:
Video gallery initializing
console-api error URL: https://static.quantcast.mgr.consensu.org/v18/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api info URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 580)
Message:
Powered by AMP ⚡ HTML – Version 1905291911450
console-api error URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 160)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 580)
Message:
Powered by AMP ⚡ HTML – Version 1905291911450
console-api error URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 160)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 580)
Message:
Powered by AMP ⚡ HTML – Version 1905291911450
console-api error URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 160)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 580)
Message:
Powered by AMP ⚡ HTML – Version 1905291911450
console-api error URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 160)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 580)
Message:
Powered by AMP ⚡ HTML – Version 1905291911450
console-api error URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 160)
Message:
localStorage not supported.
console-api warning URL: https://cdn.ampproject.org/rtv/011905291911450/amp4ads-v0.js(Line 17)
Message:
Response unparseable or failed to send image request

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
biddr.brealtime.com
btlr.sharethrough.com
c.pub.network
cdn.ampproject.org
cdn.connatix.com
cdn.connectad.io
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-ca.cdnjquery.com
connatix-d.openx.net
connect.facebook.net
core.connatix.com
cse.google.com
d.pub.network
de.tynt.com
display.bfmio.com
dmx.districtm.io
eb2.3lift.com
edba.brealtime.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbx.media.net
i.connatix.com
i.connectad.io
ib.3lift.com
ib.adnxs.com
jadserve.postrelease.com
m.addthisedge.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rtb.connatix.com
rules.quantcount.com
s.adtelligent.com
s.ntv.io
s3.amazonaws.com
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
ssp.pub.network
static.quantcast.mgr.consensu.org
sync.bfmio.com
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
us-u.openx.net
vendorlist.consensu.org
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.reddit.com
btlr.sharethrough.com
display.bfmio.com
dmx.districtm.io
tlx.3lift.com
us-u.openx.net
104.111.230.142
104.17.119.107
104.20.59.209
104.24.0.61
104.24.1.61
104.75.172.253
13.35.253.107
13.35.253.108
13.35.253.27
13.35.253.51
13.35.253.55
151.101.1.140
173.241.240.143
173.241.240.220
18.184.23.97
185.33.223.83
2.18.232.15
2.18.234.163
2.18.235.93
208.100.17.182
213.19.162.21
216.58.206.2
216.58.208.38
23.227.137.154
2600:9000:200c:600:9:46dc:4700:93a1
2600:9000:200c:aa00:9:46dc:4700:93a1
2600:9000:2043:6e00:1:af78:4c0:93a1
2600:9000:2043:7000:6:44e3:f8c0:93a1
2606:4700:10::6814:8528
2606:4700:20::6819:c072
2606:4700:30::681c:13e8
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2014
2a00:1450:4001:814::200e
2a00:1450:4001:817::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:81f::200e
2a00:1450:4001:821::2001
2a00:1450:4001:825::2002
2a02:fa8:8806:13::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::645
2a05:f500:10:101::b93f:9101
3.81.251.174
34.195.70.133
34.198.121.89
34.203.142.219
34.230.118.21
35.188.71.214
35.202.179.74
35.203.66.107
35.226.36.58
52.19.153.98
52.59.128.192
52.59.149.28
52.86.200.205
54.173.215.67
54.175.89.167
54.231.32.98
54.76.31.118
91.228.74.162
96.17.200.131
009705cc7a6c03bfda51be9f00c2cfb3fcde46ba68ac2698430eaf1f8e11cb58
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0af992ccbf46caf34e8db2299cc3605c68a281d3904cc8335a7fd097aa4a23cc
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f6d9ef5af10cc7a0e50ce53db11fca7ff3631a732f0139a20572daea0b02864
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11843a1492df18c04aa4d13faa0a3274fcf6ac61f0130f4f473c808ee174246f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1c9fd72dc74e661b9e69326cc494fa101a33df9aa88321f3807a3cae7c2a49a4
1f345d4a24b7fc4402da5ebdd6dd0a0ccd06df429394f3bbb6490f07c7c1f5c3
20647f6d3bb0a03c8dcfdfe0e50cd0116b96aa2378cdb58ab49dad62d6c91e16
20cea22f74e65283086e38b8592330f121b47c82ad09281d76d0be867382a0c8
21490019917dfc5ec2694c6fd37b58bc39fce8b7dc2dbed376fc84e7e8078f2e
226fd472756d5f3100371df3f39be8b1ddb5b5dfb53d8fc832f52a27cead13f3
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
25825be1054d3f740a75117b5da68d7a5af5b15deb005561c9c31f35bf82a5e1
26e3a3490c370bdcf8e69347eee8f5d54ae2b7d2376d706c2c6eb6b2f323c743
272277c4464a35dddd60aa4d0757e8c83fcb43c1f0b5da4ec151de3f03db2fd2
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
2865d564c3dcac90857801b97229d38ac2e4d529b1463089abddcbdc6430f379
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2feb1d4156d7bb554fb6eb8a34f100a91d01d43d6d646560c8a1237224d2ef1c
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32006b665c48d165c3c109a07122bf5e950f1ed57e179eb22b0b1e54c5bd827f
320a7eec7c7ad3d2f0e1653cd99d908c738d6666ce74126936c3e446459b6a87
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
357017568ad102cf853bced7d960ecd7fcc8854ab807a9958dff7c2106b35d27
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36d3dbf3eebeddc67a072de42a5308383e183ef2534a7da73b0e9c58da7a3110
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208
37be31eaba43877852759100f234b7a464534a6f53fd00eea03af2e3c5e89a49
392052f027818de38eb23d2e99bf20e017e9ad6a18f2a3de17002cdbc7495087
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3c43577c9b7856d1dfef0fa8e474231f179f8ddf1fa4fa301c8ba0128e1077f4
4017b18e7a8f4ec880145c7f4a799e6ecd8d790448f4991e34bee90ba57400d7
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
44bcae493ddea950d6e2ec1f9ef7cf5b41c0cbd193512c0d27a55b6344df5d92
469012a7943f6dda7e3bdddf3a1cce32b6e14ba0f5f6b3cf27d5629f865fa3f0
4691bc6a8f6624b5dd2a2a790ce82232469d02fa0c8470c67a40d2ee1181a67e
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78
478c6b278b7bdaeb656033355ed843d2bcfcad523d27da9d2d2ad57561ea304f
47979e0a5d84414178aded793f76b4daa12f473370ec2021c83771b043b8b9e0
49d07481a945b50138df6d182b6fdb53510ff7ac8fcd331865cc97f83c9ab565
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c
4ad6475774c992df47815925a96f40ea0f43a5dce7bdc9366b93061aaed0ddcc
4b9f52c06e3f1fd8d6114a03d5ebcae8b555cf6c5d060930d074efc78d117154
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
535b0b6142931b8460b3e29e2eb6ec0023399b6ca17a96d7cb23f525c5c36ac1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5547e471372fe6cae5297dba41bf1c0f4b7ed49535de6651e1306b9f7c09d53c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5875e9c01f7f297e1241085e73ec158551b3092caecebb40c6e8f330704be5bf
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5a4807a64ee7cb4a860ce10207fb872221646b4d7f3776fbe46c14518c30459d
5aaf688e01a991bd9d796ca1adc8b66d432d477efdad550b7e991b692c6dbc5b
5c94d5869805bed362e6056343157d31a81d54cef0376c2be1b9163247e50b91
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d90874802ac121168dfd7a121058e335bade356eeaf0f9bfb74a5bdfb310f0a
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6170d68d4e70b5cd265878a847d52818a4e1dc523297b0caa98cac1a559341ce
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577
66e0f9a747bdd042fb9d01000d611034c4bdd2351cadb25fda445defec19c603
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f67145ad682fff4000e8b27127baa0e9b4af72d4731655c1e0f434ec7f3663
698a7e288b29c4288deff04af0456d7d643a5888edb729625d5c21b69a421626
69b2a0f65b5435b203e0d81abc166510540a55f4f14d95dbbc77379a2741cba9
6a4b3f35a47738cd19c08af6876b9db4ec9259694e4f4541723092f7c870e297
6a55d70f54aa8d42c16e5591d7c8b290f7cd25ecfa3d8c012bd3cbc2cee4d4fa
6a5ed4ad6f0094e68f08f7755f8960e7fd3f120001721ffac3bfd198d4e6cc43
6b7b21b3a1d175d69d7624ddd2024bfc5c56443552719180e4e7f79108217478
6d577d94f1675029cbc48a4a7e98f03942874723d30c7a8c6263e19a7b5d3329
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ebee3fab4fdb2f178afd3d4a64d03c44b658f81ead11e46b46a5ad5b7b16663
7042f252e1366aa2514e1a2e923e9a5de4e2fb9f1414c164944b59a3ed47023b
7479c9913ebaa8619f37e0c7815d5a648d1686dff0397af59d63e005378b6391
749ed95a2c0cef002224f1cbbb09c7e30f5d317a83a10381ee7e4be937441d96
783d23220a099bc9129aa52026284db92e20b15f398ed97b6a1fd5327ab6f80b
78b31549a44b93371d878d96104fc2565fb1c068e0956cc7164855953a486870
79769503cd5d7f0577285b77cf8dca74cd080f95b091c75f8dfc29f4483a339c
79ae6835680932d4e2689acbde31f27067486cf205223688d60267bc5db9b7bb
79f46d56255aad2486ce0183730868edf754a05c9716fe6fde651e26067f1bca
7b0ba976f51ee59161622fc7d364c35985343adca90a2f5045e1dbb227f6bd3a
7bf5cc86c3864ac00f684f6b619c01d44070bfca139fe2e91f0677501d8ab568
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7cb2aca35ecb4c7bb3ce3fdc511d199d7b654f79395a98fcc1a7b54cdd7cc71a
7d190e76419b4ebe77f76a63323ad876df621293b5e613dcf026b0b391ea2dc0
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e7e02ad63a892c9155f440d15a7a0cf181f185b6b2dd17e279dcc6e048b6905
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81a880c00c7558a4f9aa19ee99f1a7333020b72b06581507661a391312546e82
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f541d43ea7ee73301eaee3f049399e75ae6f109da1008899d3615d73a9a29d
84d3a74865aaf560e9399f2aed3e6b1aba46e61cb702eb13c6602ae7f5b912f1
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8a8d0ab73ab540e184d64ad188d77df4fd798e55a2a2807d567aa3cea37fb409
8cfc3192e20100ef22ad52dacdfa481302a1d2792bffe50697e4745f89d15cbe
8d319c78ad8562f5729dd995f80a427dbe534975f2ec8d917023f78bb02d2747
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
8fbb40960dd4ddbd54f414d5d06683c844f34702a0137883a0e430a1df01d97a
91bc8cb001a38fb244ef1173f4a1173af97efd89b8ea19f4fe637baf296b7c7a
924c341ee5457922a197ad6fc1fcf9395334be8e5fcad61be8247dd8ccd4b1ee
92585631b72efd654cdfc75b71ecdddf66fed252c45e5e99f7c9873d32d4a566
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9976b9106d34a70114d769687c64e0603007f8c4c17146dda592ec4cdbffc46c
9b1f162ffa8166f66ca57329b7f3929a4d5b823b9865a23a48be1bedf2398137
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0beecd8e6ef2f385b003b006511ef7c0b66e45616370947be5c8092c1d72fe6
a1af15b17fd7099b2d3a81a8b3aeffd94b26d2c1a58489c3903e11ec5a4896d3
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
aaa5f98a63fa837b195d5d095fdd639b94f178b44e037a784eacc3cd3128180a
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b669e15c9162f3e4c98b7f4106a50078286c6220aa34df5f5f8779a69a685f63
b84ffa0bfad9fe528f603a8c84b965e6d09752342a645a67cfcf020c9ad21f82
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be4b8a8c56763d5a262e8506296a1423720cc130dad340e9a8c57ee125766e21
bf3f696ad18067627b9f0c27079294c16e750856a6533dcb3d4aacbbf895865c
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c10436f1fa0df638e75b492f56678ade07486f56cb237c7c01fb03b7f3111e7b
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c47c7316f7039c307e59a101cabb753966b6278a6739bb157014de9e17f1391b
c61b2497bb9bb263ddf55f9fe2bd20a0f61e3480f64d78f83a40e17c82eb331c
c6a103d6a2819235feca4884d85972cff492d9b3e2203ddb3cbd23d2cd85125e
c7864f9ab5d7d7d5fe49417c384c55dd9941f7aac4e8411213ee80f1c89d8043
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
ca63a5bf8f9e3e8f87bc6966bd6865309df0ec43339334769f31b42b7dd5bed2
cadeee5406393f5e169b38430d61e7bce7d70b669ec2461e059ed8dfcaf98aa0
cb46ec12d8220d903a93787a8022b4f2968ad1a09d2c99b2346827f56768cf9f
cc3fe6d56d2a5fc0e60a391a9106ecbc9fb47142aece14854467ed2900daa255
cc5e259cd4f3b449c1c687b42562292da80155680899ff93dcaa3cd1c271f64e
ccea328deaafa36f36564bf97e8be72ce6e52a537eed42ec611b30b0e9e37df6
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d3f4adba8e07b75db52be8f38c2b565ec93b1431433dcb5c2c5d6cf91627fe80
d43763b539d5dff2dc235e28e362bda5d63d621cf7a082722107d94f596773b7
d54113d5d99914636c06db627ef72342a4cfe764fae03e886d878d68589b58f3
d6553a6c991fe91210741e39d64cea8f76b37d71a4905ad673e887f123a7db5a
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564
d757fe6531ea9a006a7b96e8c3aef61cbaa67d767df42fa664da9f6830605dc4
d773abd067fc371894f63b1f85110e33d25e586a024497473ecef7d305aa068b
d7ca2224450a2ed8cad8586ca83b073e414293cf484dd8f182383a1885ce6254
d9983221f969de6a2d49d65f72fe579b21e0c6ee83e0f2fc97213b14839f9673
da0f8f4c503c738fd110403a5cd473bb6d6570661a478dd606e9930cbfd785fa
db0999cc027657767c26670e2504c86b54b05f0c2e1cceea3f1433f06be181ae
dca5e7aac01bf10982ef0bcadbb9ec59c81ed79f33b7b916cce95c38910fecc9
e1cfef8563ed1c6e611844e2a5480e8423e1d1c70c85599201675cbdd5181b2e
e1ed25f4abd181e54349b19a94bd563692385ef339df2540abbee5638ccb3765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59c59524fa1f99be7b643ac7eb227befbb749b31791542162728febf0206669
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e8f1d3fd6813a65588f0c7215a8f1f844fb40787bfc7a0e247257a6ba96f2683
ec2672361d8bad047379f00ae9478db785167e750350d77d1522b9bc201f0e61
ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d32ea9a9fa05f8170d164890b55e15ce39157bb9ae7e96b047c1996d22a8b
efffbce121db9a7883702953d0a3ac807d605ab61622433d7679ca0f2576addc
f2ba83c922a59c0700ee00a309cc1dae4596f471164e15f209b3ce6a7d4d6f50
f3a35abdc0f890208bfcb2295432e9e7499c471daacd2705b45f9a9f3a579bbe
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fb6dc0640f00bb5170a802c1c243f7167b61db0d6bce43d4d8e72487397bf93a
fd93f72da2955395970fea214455dfe9b45b15eb27c1e4b2b9574745f4d05a50