usanews.site Open in urlscan Pro
2a07:7800::194  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• https://usanews.site/favicon.ico HTTP 302
• https://usanews.site/wp-includes/images/w-logo-blue-white-bg.png

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/	148 KB 49 KB	682ms 577ms	Document text/html	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / PHP/7.4.33 Resource Hash c859c0ef22210406f26739170acfc435def5ed4b7963b6311dfa9d190965b23a Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control public, s-maxage=216000 content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 15 Apr 2024 13:32:04 GMT link <https://usanews.site/wp-json/>; rel="https://api.w.org/", <https://usanews.site/wp-json/wp/v2/posts/53808>; rel="alternate"; type="application/json", <https://usanews.site/?p=53808>; rel=shortlink server Apache vary Accept-Encoding Accept-Encoding x-cache-enabled true x-cdn-cache-status MISS x-origin-cache-status HIT x-pingback https://usanews.site/xmlrpc.php x-powered-by PHP/7.4.33 x-provided-by StackCDN x-stackcache-cacheable yes x-via LHR4
GET H2	200	style.min.css usanews.site/wp-includes/css/dist/block-library/	111 KB 19 KB	78ms 70ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Wed, 03 Apr 2024 06:24:49 GMT server Apache etag W/"1bae5-6152b47a39f11" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:45:43 GMT
GET H2	200	wp-automatic.css usanews.site/wp-content/plugins/wp-automatic/css/	3 KB 965 B	96ms 88ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 05 Feb 2024 09:16:11 GMT server Apache etag W/"a99-6109ee9a965fb" x-cdn-cache-status HIT vary Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	237ms 66ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0c7b9b6429957fb998022948f64a29aacb06f7e96623ee15cf12ac51f3b34899 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 15 Apr 2024 13:32:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 15 Apr 2024 12:27:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 15 Apr 2024 13:32:10 GMT
GET H2	200	bootstrap.css usanews.site/wp-content/themes/newsup/css/	202 KB 36 KB	38ms 31ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/bootstrap.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 4c5798c5768d1fff57be971c1433ab44d971d717a56016facb2794a51b52ffea Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"329d5-6159506f9a353" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:47:15 GMT
GET H2	200	style.css usanews.site/wp-content/themes/newsgine/	7 KB 3 KB	99ms 93ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsgine/style.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 779e980fea5cc393a074df6181418a30b75a0fdb68fc421d89187ab01a6c25e2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 05 Feb 2024 08:53:27 GMT server Apache etag W/"1d50-6109e985ef180" x-cdn-cache-status HIT vary Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:44:36 GMT
GET H2	200	all.min.css usanews.site/wp-content/themes/newsup/css/font-awesome/css/	100 KB 27 KB	96ms 89ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 3548d37f54914ba085e8616975e91b0f37e856736c530ba9833e8921e2aa88b4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"190f4-6159506f9b2f3" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:44:37 GMT
GET H2	200	v4-shims.min.css usanews.site/wp-content/themes/newsup/css/font-awesome/css/	26 KB 5 KB	97ms 91ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 43c76c55901666edc020c33b12756390a7d723063c0bfe58899776b2db4d85da Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"6802-6159506f9b6db" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:44:38 GMT
GET H2	200	owl.carousel.css usanews.site/wp-content/themes/newsup/css/	2 KB 831 B	98ms 91ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/owl.carousel.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 0e180e2cf5cf8e21c295e53c3a91a4e98441e57b0527995543a68ca4b4058df1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"607-6159506f9ed8a" x-cdn-cache-status HIT vary Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:45:09 GMT
GET H2	200	jquery.smartmenus.bootstrap.css usanews.site/wp-content/themes/newsup/css/	3 KB 1 KB	100ms 93ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 2d63cc4c571351c9a41bd88e5ea38592122c05a20bc49d6931a1cb2fc0172ca4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"d29-6159506f9ed8a" x-cdn-cache-status HIT vary Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:44:48 GMT
GET H2	200	customizer.css usanews.site/wp-content/themes/newsup/inc/ansar/customize/css/	11 KB 3 KB	96ms 89ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/inc/ansar/customize/css/customizer.css?ver=1.0 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 3740bb0a39f299f80d6eb950a6ae04899f514557d9ca80463d5b09144d3ff7df Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"2a14-6159506fa3f92" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	style.css usanews.site/wp-content/themes/newsup/	81 KB 20 KB	101ms 94ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/style.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 771818a2df9f68fce7ad2d8ac0fbc58125bf1fd3b872a2133c048402c923385a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"14260-6159506fac849" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:44:40 GMT
GET H2	200	style.css usanews.site/wp-content/themes/newsgine/	7 KB 3 KB	125ms 118ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsgine/style.css?ver=1.0 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 779e980fea5cc393a074df6181418a30b75a0fdb68fc421d89187ab01a6c25e2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 05 Feb 2024 08:53:27 GMT server Apache etag W/"1d50-6109e985ef180" x-cdn-cache-status HIT vary Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	default.css usanews.site/wp-content/themes/newsgine/css/colors/	28 KB 6 KB	112ms 106ms	Stylesheet text/css	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsgine/css/colors/default.css?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 12c778e388832cf9978fcc7e3757754cd474b8b9bab36700cea66d343491ef4e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 05 Feb 2024 08:53:27 GMT server Apache etag W/"6e63-6109e985ed240" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/css x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:46:51 GMT
GET H2	200	jquery.min.js Show response usanews.site/wp-includes/js/jquery/	86 KB 35 KB	112ms 106ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Sun, 04 Feb 2024 18:12:13 GMT server Apache etag W/"15601-6109248dca109" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	jquery-migrate.min.js Show response usanews.site/wp-includes/js/jquery/	13 KB 6 KB	124ms 118ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Sun, 04 Feb 2024 18:12:13 GMT server Apache etag W/"3509-6109248dcb0a9" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	main-front.js Show response usanews.site/wp-content/plugins/wp-automatic/js/	1017 B 677 B	107ms 102ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 05 Feb 2024 09:16:11 GMT server Apache etag W/"3f9-6109ee9a9eaca" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	navigation.js Show response usanews.site/wp-content/themes/newsup/js/	2 KB 1 KB	125ms 120ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/navigation.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash c9177a21df84a75ac405848200ad1ec3d129e5c15efcb9f4d2cff8ea69a5f6ac Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"93a-6159506fa9d52" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	bootstrap.js Show response usanews.site/wp-content/themes/newsup/js/	136 KB 34 KB	109ms 104ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/bootstrap.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash c05942d83e635ab4b9783fa2026d3b3540c9fec0b383ca6a9a0f6991a8a8cd07 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"22127-6159506fa8db2" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	owl.carousel.min.js Show response usanews.site/wp-content/themes/newsup/js/	23 KB 8 KB	124ms 119ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/owl.carousel.min.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"5d80-6159506faa522" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	jquery.smartmenus.js Show response usanews.site/wp-content/themes/newsup/js/	46 KB 14 KB	107ms 102ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/jquery.smartmenus.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 489feabe8ac2d87de5bddb3638f4bb818d0c5cbc1371106eab029777a8a48364 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"b62a-6159506fa996a" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	jquery.smartmenus.bootstrap.js Show response usanews.site/wp-content/themes/newsup/js/	6 KB 2 KB	122ms 117ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash bc0c8ec8343dbaff247a4dcebe4405f3127e3dcb676d2542e265c64bb1251ca6 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"177a-6159506fa996a" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 07:45:10 GMT
GET H2	200	jquery.marquee.js Show response usanews.site/wp-content/themes/newsup/js/	23 KB 6 KB	109ms 104ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/jquery.marquee.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 072cecb33bf56cf9e0f141fff4985fa1e3be682b17272e7c630aa39c0994cb46 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"5db1-6159506fa9582" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	main.js Show response usanews.site/wp-content/themes/newsup/js/	625 B 556 B	126ms 122ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/main.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 06d667c24b5fe211ccdb1b62741cc1c9536e8076553f0224a7d811385e580b4b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"271-6159506fa9d52" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	295 KB 99 KB	254ms 72ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GT-PLVQ3ZS Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5140f4dbfd3f9c312a67c01d91324cb70326b9f23b43733949447e5223c7962f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100715 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 15 Apr 2024 13:32:11 GMT
GET H/1.1	200 OK	c246e319f4ca0d87489d86fa070aeaa0.js Show response pl20458356.profitablegatecpm.com/c2/46/e3/	79 KB 30 KB	878ms 186ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl20458356.profitablegatecpm.com/c2/46/e3/c246e319f4ca0d87489d86fa070aeaa0.js Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash 6aa25b4fab794f661eb0a33a3e318ea5d9a0d0a215453a8ed07f8b284cf14031 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:11 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 6100d416744bd6cbdc5d25763d42fe43 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	295 KB 99 KB	234ms 88ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7MF1ZFZ528 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2788871074af67f5208af58f0020f0e96084b8bf7dcea1348a819e0bd5b486a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100867 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 15 Apr 2024 13:32:11 GMT
GET H/1.1	200 OK	7f3583c7536c504c6d8fa50262560435.js Show response pl20458497.profitablegatecpm.com/7f/35/83/	43 KB 16 KB	894ms 208ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash fe927ad8300d3fa9beaffd1b1ab2a81a133d9c350737c2f9fde5945758587221 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:11 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 87c9010b1b07bd2b8b842226d1e3c992 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	868022515535b968f7bfc97150b279cc secure.gravatar.com/avatar/	2 KB 2 KB	148ms 31ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/868022515535b968f7bfc97150b279cc?s=150&d=mm&r=g Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5fb967d10f49ce514c908cc021755e29791fbf475d8653faf0940c9a25235c87 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT lhr 3 date Mon, 15 Apr 2024 13:32:10 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="868022515535b968f7bfc97150b279cc.png" accept-ranges bytes link <https://gravatar.com/avatar/868022515535b968f7bfc97150b279cc?s=150&d=mm&r=g>; rel="canonical" content-length 2131 alt-svc h3=":443"; ma=86400 expires Mon, 15 Apr 2024 13:37:10 GMT
GET H2	200	RansomHub-Change-Healthcare-Alamy-W5BW53.jpg i2.wp.com/media.wired.com/photos/66194e33b6dbceed427548e2/191:100/w_1280,c_limit/	76 KB 76 KB	186ms 27ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i2.wp.com/media.wired.com/photos/66194e33b6dbceed427548e2/191:100/w_1280,c_limit/RansomHub-Change-Healthcare-Alamy-W5BW53.jpg?w=1200&resize=1200,0&ssl=1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 15bccbc195c864df2bd691799c99113dbcea8e301f1f14ebe2e9a4a6c9d2ab2a Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:10 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 77672 x-nc HIT lhr 5 last-modified Fri, 12 Apr 2024 19:44:28 GMT server nginx etag "747f171899bf1315" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://media.wired.com/photos/66194e33b6dbceed427548e2/191:100/w_1280,c_limit/RansomHub-Change-Healthcare-Alamy-W5BW53.jpg>; rel="canonical" expires Mon, 13 Apr 2026 07:44:28 GMT
GET H2	200	comment-reply.min.js Show response usanews.site/wp-includes/js/	3 KB 2 KB	29ms 26ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/js/comment-reply.min.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Sun, 04 Feb 2024 18:12:14 GMT server Apache etag W/"ba5-6109248e03ecd" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	json-ld.js Show response usanews.site/wp-content/plugins/featured-image-from-url/includes/html/js/	507 B 590 B	27ms 26ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.6.9 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Fri, 05 Apr 2024 18:34:00 GMT server Apache etag W/"1fb-6155db30d8302" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	custom.js Show response usanews.site/wp-content/themes/newsup/js/	3 KB 1 KB	31ms 30ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/custom.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 28603e90af4cad1a6c4afd2e347f9bd94290ab252bae9c5c01f0eab7e9c6cdea Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"dbe-6159506fa919a" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	custom-time.js Show response usanews.site/wp-content/themes/newsup/js/	381 B 538 B	30ms 30ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/js/custom-time.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash ec6c241bf5feb4fe95b908093f198c6ae6ed7991dc78db287d4107f1335b088e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag W/"17d-6159506fa8db2" x-cdn-cache-status HIT vary Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET BLOB	200 OK	80f936ce-cbc1-40d0-a536-a5d50717b683 https://usanews.site/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://usanews.site/80f936ce-cbc1-40d0-a536-a5d50717b683 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Length 1185 Content-Type text/javascript
GET H2	200	sfp.js Show response downstairsnegotiatebarren.com/	84 KB 27 KB	280ms 129ms	Script application/javascript	2606:4700:e4::ac40:ac24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://downstairsnegotiatebarren.com/sfp.js Requested by Host: pl20458356.profitablegatecpm.com URL: https://pl20458356.profitablegatecpm.com/c2/46/e3/c246e319f4ca0d87489d86fa070aeaa0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ac24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT strict-transport-security max-age=0; includeSubdomains content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400 x-request-id 5d828d650ea99379628bdecf2e181f68 last-modified Mon, 15 Apr 2024 13:32:11 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGW8T2q7hxbu%2Fws5h7YRfTkz55yPWbf0GFanKaJqj0tFfbjAQpirmeE6eWUz7nXt%2FjaQ01uFa3upWJuZzP8SYa2osa4OBS%2FCvVGsQ2dkcGulW%2BGtfMxhT23OOqwiPss2aDUmRhvat%2FGIDy4ocygmRuisN1M8NhBz5t6zPg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 874c4cde1a4e76a3-LHR expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stats Show response proftrafficcounter.com/	40 B 297 B	232ms 61ms	XHR text/html	3.123.64.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://proftrafficcounter.com/stats Requested by Host: pl20458356.profitablegatecpm.com URL: https://pl20458356.profitablegatecpm.com/c2/46/e3/c246e319f4ca0d87489d86fa070aeaa0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.64.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-64-179.eu-central-1.compute.amazonaws.com Software fasthttp / Resource Hash 793b4caae8f4cad6808f1118a5e0b3b245106cc4b6fdb17b66f83175e8aaa644 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://usanews.site date Mon, 15 Apr 2024 13:32:11 GMT access-control-allow-credentials true server fasthttp content-length 40 vary Origin content-type text/html; charset=UTF-8
GET H/1.1	200 OK	purst repeatedlyitsbrash.com/pixel/	0 469 B	519ms 204ms	Image text/plain	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://repeatedlyitsbrash.com/pixel/purst?dl=0&th=0&sc=0&rs=1665.099998474121&rd=1665.099998474121&fd=971.9000015258789&bv=24.4.2204&tmpl=70 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:12 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stats Show response proftrafficcounter.com/	40 B 297 B	305ms 80ms	XHR text/html	3.123.64.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://proftrafficcounter.com/stats Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.64.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-64-179.eu-central-1.compute.amazonaws.com Software fasthttp / Resource Hash b3041ee7349e0be6744a8b61ec88a80d7bb904c8dc0187f8928a36851efd831a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://usanews.site date Mon, 15 Apr 2024 13:32:11 GMT access-control-allow-credentials true server fasthttp content-length 40 vary Origin content-type text/html; charset=UTF-8
GET H2	200	head-back.jpg usanews.site/wp-content/themes/newsup/images/	180 KB 181 KB	27ms 26ms	Image image/jpeg	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Show image Full URL https://usanews.site/wp-content/themes/newsup/images/head-back.jpg Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 708b6c74f01e4c44b61d0893995de0c3cef481d005d8661dcb78bfc9b431c01b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag "2d1f6-6159506fa08e2" x-cdn-cache-status HIT content-type image/jpeg x-via LHR4 cache-control max-age=86400 accept-ranges bytes content-length 184822 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:25 GMT
GET H2	200	rs_1200x1200-230928133151-rhop2.jpg i3.wp.com/akns-images.eonline.com/eol_images/Entire_Site/2023828/	342 KB 342 KB	32ms 25ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i3.wp.com/akns-images.eonline.com/eol_images/Entire_Site/2023828/rs_1200x1200-230928133151-rhop2.jpg?fit=around|1080:1080&output-quality=90&crop=1080:1080;center,top&w=1200&resize=1200,0&ssl=1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 72af9dce9cabc348488a86430ab51c038f8f1a742500bbe21f001decfb8b1c0b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 349862 x-nc HIT lhr 4 last-modified Mon, 15 Apr 2024 13:28:41 GMT server nginx etag "f096be0b26946960" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://akns-images.eonline.com/eol_images/Entire_Site/2023828/rs_1200x1200-230928133151-rhop2.jpg>; rel="canonical" expires Thu, 16 Apr 2026 01:28:41 GMT
GET H2	200	e2f235702a834dceb53adce6bca0b711_xl.jpg i2.wp.com/imagez.tmz.com/image/e2/16by9/2024/04/15/	33 KB 33 KB	143ms 142ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i2.wp.com/imagez.tmz.com/image/e2/16by9/2024/04/15/e2f235702a834dceb53adce6bca0b711_xl.jpg?w=1200&resize=1200,0&ssl=1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 4a9327a8ed762e4adfadaebdd993e4909f4876a75da7682a4acf1cd1ebefeb87 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 33590 x-nc MISS lhr 4 last-modified Mon, 15 Apr 2024 13:32:11 GMT server nginx etag "461f2df4858d3135" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://imagez.tmz.com/image/e2/16by9/2024/04/15/e2f235702a834dceb53adce6bca0b711_xl.jpg>; rel="canonical" expires Thu, 16 Apr 2026 01:32:11 GMT
GET H2	200	MarkRuffaloJessicaHecht.jpeg i0.wp.com/www.hollywoodreporter.com/wp-content/uploads/2024/04/	63 KB 64 KB	267ms 261ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.hollywoodreporter.com/wp-content/uploads/2024/04/MarkRuffaloJessicaHecht.jpeg?w=1024&w=1200&resize=1200,0&ssl=1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash c2c939f1230b1ed97b06efe4435a54015fd3ade95c8fac2c949b3291cee3b605 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:11 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 64638 x-nc MISS lhr 4 last-modified Mon, 15 Apr 2024 13:32:11 GMT server nginx etag "26f1914a69065209" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.hollywoodreporter.com/wp-content/uploads/2024/04/MarkRuffaloJessicaHecht.jpeg>; rel="canonical" expires Thu, 16 Apr 2026 01:32:11 GMT
GET H2	200	original-815-1712783154-9.jpg i0.wp.com/img.buzzfeed.com/buzzfeed-static/static/2024-04/10/21/enhanced/aa93f15b356e/	665 KB 666 KB	718ms 714ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/img.buzzfeed.com/buzzfeed-static/static/2024-04/10/21/enhanced/aa93f15b356e/original-815-1712783154-9.jpg?crop=1581:830;0,0&downsize=1250:*&w=1200&resize=1200,0&ssl=1 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 5147c79047a951fcea6253ca8652a51d836da644d2f12dec68935ef232fdfa45 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:12 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 680552 x-nc MISS lhr 2 last-modified Mon, 15 Apr 2024 13:32:12 GMT server nginx etag "b9cdf89a81500498" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://img.buzzfeed.com/buzzfeed-static/static/2024-04/10/21/enhanced/aa93f15b356e/original-815-1712783154-9.jpg>; rel="canonical" expires Thu, 16 Apr 2026 01:32:12 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	213ms 59ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://usanews.site Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 09 Apr 2024 06:41:12 GMT x-content-type-options nosniff age 543059 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Apr 2025 06:41:12 GMT
GET H2	200	fa-solid-900.woff2 usanews.site/wp-content/themes/newsup/css/font-awesome/webfonts/	153 KB 153 KB	31ms 29ms	Font font/woff2	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: usanews.site URL: https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.5.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.5.2 Origin https://usanews.site Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag "26350-6159506f9e5ba" x-cdn-cache-status HIT content-type font/woff2 x-via LHR4 cache-control max-age=86400 accept-ranges bytes content-length 156496 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:26 GMT
GET H2	200	fa-brands-400.woff2 usanews.site/wp-content/themes/newsup/css/font-awesome/webfonts/	115 KB 115 KB	32ms 29ms	Font font/woff2	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-content/themes/newsup/css/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: usanews.site URL: https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.5.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.5.2 Origin https://usanews.site Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT last-modified Mon, 08 Apr 2024 12:34:31 GMT server Apache etag "1ca7c-6159506f9ca63" x-cdn-cache-status HIT content-type font/woff2 x-via LHR4 cache-control max-age=86400 accept-ranges bytes content-length 117372 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:14:26 GMT
GET H2	200	wp-emoji-release.min.js Show response usanews.site/wp-includes/js/	18 KB 6 KB	68ms 67ms	Script text/javascript	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 Requested by Host: usanews.site URL: https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:04 GMT content-encoding gzip last-modified Wed, 03 Apr 2024 06:24:49 GMT server Apache etag W/"4926-6152b47992b56" x-cdn-cache-status HIT vary Accept-Encoding, Accept-Encoding content-type text/javascript x-via LHR4 cache-control max-age=86400 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:23:11 GMT
GET H/1.1	200 OK	advertisers.js Show response capaciousdrewreligion.com/	0 329 B	459ms 178ms	Script application/javascript	172.240.253.132 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://capaciousdrewreligion.com/advertisers.js Requested by Host: pl20458356.profitablegatecpm.com URL: https://pl20458356.profitablegatecpm.com/c2/46/e3/c246e319f4ca0d87489d86fa070aeaa0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:12 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 Content-Type application/javascript Cache-Control no-cache Connection keep-alive Content-Length 0 X-Request-ID 83c8cac61341572abea4f01d3042a523 Expires Thu, 01 Jan 1970 00:00:01 GMT
POST H2	204	collect www.google-analytics.com/g/	0 251 B	200ms 65ms	Ping text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-79XFTL54EN&gtm=45Pe44a0v9164238217za200&_p=1713187930929&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=733603533.1713187932&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713187932&sct=1&seg=0&dl=https%3A%2F%2Fusanews.site%2F2024%2F04%2F12%2Fchange-healthcare-faces-another-ransomware-threat-and-it-looks-credible%2F%3Ffeed_id%3D83745%26_unique_id%3D661980d0b3856&dt=Change%20Healthcare%20Faces%20Another%20Ransomware%20Threat%E2%80%94and%20It%20Looks%20Credible%20%E2%80%93%20Usa%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2058 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GT-PLVQ3ZS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 13:32:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://usanews.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	295 KB 99 KB	58ms 57ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7MF1ZFZ528&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GT-PLVQ3ZS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9eb13b02eea8a84427ffb1e0c2064dd6d1b2217eed17778a3a83c724d704792d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100792 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 15 Apr 2024 13:32:12 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	87ms 66ms	Ping text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7MF1ZFZ528&gtm=45je44a0v9176961703za200&_p=1713187930929&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=733603533.1713187932&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713187932&sct=1&seg=0&dl=https%3A%2F%2Fusanews.site%2F2024%2F04%2F12%2Fchange-healthcare-faces-another-ransomware-threat-and-it-looks-credible%2F%3Ffeed_id%3D83745%26_unique_id%3D661980d0b3856&dt=Change%20Healthcare%20Faces%20Another%20Ransomware%20Threat%E2%80%94and%20It%20Looks%20Credible%20%E2%80%93%20Usa%20News&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2173 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7MF1ZFZ528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 13:32:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://usanews.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	sbar.json Show response sandysuspicions.com/	12 KB 10 KB	850ms 592ms	XHR text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sandysuspicions.com/sbar.json?key=7f3583c7536c504c6d8fa50262560435&uuid=360c5ee5-0ab6-449a-af9c-db232d35cf46%3A3%3A1 Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash 0cdfcb2f6805e27d3fce87bbec5ab0fc1f452d0ee4b90dce6f7beb96eaf0e090 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:12 GMT Custom-Referer https://usanews.site Content-Encoding gzip Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://usanews.site Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive X-Request-ID efe6c11021a90e1a6fd4ec7976cd72a8 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	w-logo-blue-white-bg.png usanews.site/wp-includes/images/ Redirect Chain https://usanews.site/favicon.ico https://usanews.site/wp-includes/images/w-logo-blue-white-bg.png	4 KB 4 KB	28ms 28ms	Other image/png	2a07:7800::194 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://usanews.site/wp-includes/images/w-logo-blue-white-bg.png Protocol H2 Server 2a07:7800::194 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0 Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://usanews.site/2024/04/12/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/?feed_id=83745&_unique_id=661980d0b3856 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers date Mon, 15 Apr 2024 13:32:04 GMT last-modified Sun, 04 Feb 2024 18:12:15 GMT server Apache etag "1017-6109248eeb5db" x-cdn-cache-status HIT content-type image/png x-via LHR4 cache-control max-age=86400 accept-ranges bytes content-length 4119 x-origin-cache-status HIT x-provided-by StackCDN expires Tue, 16 Apr 2024 08:23:15 GMT Redirect headers date Mon, 15 Apr 2024 13:32:04 GMT x-cache-enabled true server Apache x-powered-by PHP/7.4.33 x-redirect-by WordPress x-cdn-cache-status HIT content-type text/html; charset=UTF-8 location https://usanews.site/wp-includes/images/w-logo-blue-white-bg.png x-via LHR4 cache-control public, s-maxage=216000 link <https://usanews.site/wp-json/>; rel="https://api.w.org/" content-length 0 x-origin-cache-status HIT x-stackcache-cacheable yes x-provided-by StackCDN
GET H/1.1	200 OK	pxf.gif unseenreport.com/	1 B 425 B	796ms 197ms	Image image/gif	192.243.61.227 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://unseenreport.com/pxf.gif?uuid=360c5ee5-0ab6-449a-af9c-db232d35cf46&eb=22814f7892ecc56fc63b9418b8bab8c8&te=18a1d4279f1d9de2f2caf02464cadcb2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=c246e319f4ca0d87489d86fa070aeaa0&bl=en-GB&sr=1200x1600&sz=1200x1600&hjs=14 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 1 X-Request-ID d7868e58be04bd849a7ad1de0cdbbf9a Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	pxf.gif unseenreport.com/	1 B 425 B	820ms 206ms	Image image/gif	192.243.61.227 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://unseenreport.com/pxf.gif?uuid=360c5ee5-0ab6-449a-af9c-db232d35cf46&eb=22814f7892ecc56fc63b9418b8bab8c8&te=18a1d4279f1d9de2f2caf02464cadcb2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=7f3583c7536c504c6d8fa50262560435&bl=en-GB&sr=1200x1600&sz=1200x1600&hjs=14 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 1 X-Request-ID 12ff8274d7e97da7b72833929607652c Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	index.html Show response cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/	3 KB 1 KB	185ms 41ms	XHR text/html	2a02:b48:8300::3 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/index.html Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:b48:8300::3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash 1cbf422cdd08e5e4976b8ba48a75d83815d93f6ced9396f6160dd1088df6d2c3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Mon, 15 Apr 2024 14:32:13 GMT date Mon, 15 Apr 2024 13:32:13 GMT content-encoding gzip last-modified Fri, 19 Jan 2024 14:19:27 GMT server nginx/1.21.6 etag W/"65aa84ef-ac8" content-type text/html; charset=utf-8 access-control-allow-origin * access-control-expose-headers Date cache-control max-age=3600 x-proxy-cache HIT
GET H/1.1	200 OK	ren.gif sandysuspicions.com/	7 B 670 B	120ms 119ms	Image image/gif	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSv28dxRaetaM0T09PL82THomyBUWC7Ju7P68vkUjihIRgO4TEkSloZmdmrwfvzqxmdu86hsIigEJ3oUqF1t9NYgFRBA2i4dc1EoUlikvlxv8AigQFPbqOJUucKc6Zc74jzfd989FWtU98VHRPL%2BkNmWX0XNRqu2dWpOK6tu6NZddrt9rn3RWp4vC8ux6HZ91LRZGJFZEsyPJcFHRaQeyeWXhteWlxxs3kmnCvCbamz7qXV43OxTnPD1rtyXFv05QaebgCWTz1umGrE7Z8z2957Qjr5p8dWzmw1AHv75MTkHz877%2FK1yHZCCr%2F6oqwa6UuZl7Nq4yW2qDPt%2B%2BoNaVrhfyoTI2DVG0foqHtmJAHU9Bq%2B5AkdP%2FhhCQSOSZT078gUY%2Bfvx1Jf%2Bj5AZIMQiHh%2F0LdH0FkI0g6AtP3IPkSGMe1eaj86R0lS8HdBal6XOfPMXSCGZPj029B1mNy%2FIM2VP79vJGltKvussgE03leKcloKbWy7s3Fy1hPG8j1EWRvhKLaQbnhQNY7YOX7kPxXcmblNFT%2BeFErrhUk33sxiNssEiKabdMkng3DLp2laZfN8sQPfB5ELA3jA92kHEGmI2RiAGqnUVkHlXRQpQ6qwkHO99wui1jcabNON%2BjMeWE8F3YjSr1Ol%2FM48jyBik1YDVAWA7BsAGY2UZhNrMkBTPUj7GoDyx3YkqDPG9SCoLYENSWoJUFdEtT95hHPrG%2BbxzyzVeIdZv8wB81Ql70t%2BkiXPaEIqBnA8Gar2Cf%2FnUjqxEOFNbHndtIgmgtYJwpiFrVDFvO5lEZtP%2FajuB0GEaxsIO0UqHWwIcdk5uVtFHJMTpz8Bgndgc12wOQ0aHUKtG5AVxtsqCeVpUrUtmVlKcB1g6I8hvKus5XtkxcOTF16dxOC7V4MP%2Fv2zd8%2FPA1mGhSmwTvyZ4Jedn94S9fk4S1dW%2FL1G0Upc7lxYPLtkpbi2BcL4m6tDb9%2BxQ4%2Bv8Qmg0n5ZFnYcpEqLlXPki%2FnJefCXNWGCfLddbsikpuVXZ2vjKqKxZuXr17PCyOslVqNQOWYOB%2F%2FCSbH5D8nHxz855ee%2FR%2FSjGCqBnm1Sw4DUu%2BAFZuwxe7F8JXownvPPoHVBCY7wiSFg7pqhsZPjpqZJMjE0Z0mDaw4EiERuz%2F88Xw2NHSyTWWzZe%2BjZ6ZAy3tQeYO%2BadDPGtBsAFtND8vC7F74LTgIJNnUMMnM1MMkM9mnBzKPyY3%2F%2FQQr99y5KAp9zlnqx50g7ogu87rhHO8I5qWBSAKUdpyemnn7bwAAAP%2F%2FAQAA%2F%2F%2B6wGpt2QQAAA%3D%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID fd98f2328b2b479b45c0a7de8c6a058f Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H3	200	animate.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/css/	77 KB 5 KB	174ms 56ms	XHR text/css	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/css/animate.css Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 211 alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag W/"65aa84ef-13365" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nC3Q9XxbGxPtUFE7ObD7c1xpD7qfllDGrsbS6vZR37gp7Fi%2FqAfa9qGYJZrMOfUyIBoKHSYRdGrEXOavw1vp1rW38u1kFHhPkLOKTf5ekReN4zT74Z38yc4rI0Sff%2BAiQsegMXgJ%2FMwfCyhBgIdUYF0TeEUz"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 874c4ce7ad2263d9-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	style.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/css/	9 KB 3 KB	162ms 44ms	XHR text/css	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/css/style.css Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c44658d02ac847db2c809185ccf7d875dc6cae9ff52b633d074962a50cd5dc1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 211 alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag W/"65aa84ef-23d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xZT66VMsV74wyoeE71ZZVJuG%2FCrT4rP%2Fq%2FoOsWPiO7W%2F1%2F2Oa97dYiPejKmo5w8Tf1vRz%2FlJRUUCPlmkTdVBGyydpNL9CrTOWb9tb%2F9ePWSW4kCBfEBzrucyMWh1Wh3rdWHGseRgB9OumIbo2Frs%2Bldr737"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 874c4ce7ad2663d9-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls sandysuspicions.com/pixel/	0 469 B	101ms 101ms	Image text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2Fmulti%2F1%2Findex.html&l=2760&fd=188.6999969482422 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Server nginx/1.21.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7170	7 KB 841 B	52ms 50ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 15 Apr 2024 13:32:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 15 Apr 2024 13:02:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 15 Apr 2024 13:32:13 GMT
GET H3	200	close.svg cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/img/ Frame 7170	1 KB 1 KB	222ms 103ms	Image image/svg+xml	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/img/close.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2041495 alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag W/"65aa84ef-4ff" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNY3uJPHZv%2BOvqAGlkR%2FfzqtQ1csG4ukrcwfM%2FjwZXttgVVfLlmLgnN1kFX63QcVf7FpogOiF7%2FJhF7igpp%2Fb%2Fvvljq0sbdDqy52M7YuMTCSpdvuaKNcBFlKeHBzd%2B0yRK2FUALMklKYQrf6CKRAVtIUmlJX"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 874c4ce859376361-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	Chrome.png cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/img/ Frame 7170	9 KB 9 KB	195ms 76ms	Image image/png	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/img/Chrome.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9d3e91aa95e9e633a8e5aac0f4e11bc7942d19511d283d2b625bae021c0c437 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2056973 alt-svc h3=":443"; ma=86400 content-length 9069 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag "65aa84ef-236d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWeh0YDrYDLeSpCHxMn8YKUzwtfEy5SNSyDpJVulfqnbRG8sbefEM%2B3xGkZh01eHKADAhwAq53Q9ii6eSheozY%2BSDz5wjp5lMfjzJSKdHR48mJ0fv7%2BjCP5XPIm8Iemn%2BVnkFEYr5TNdi9aVhpNT0a%2FRYyh7"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 accept-ranges bytes cf-ray 874c4ce859366361-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	jquery.min.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/js/ Frame 7170	82 KB 30 KB	165ms 47ms	Script application/javascript	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/js/jquery.min.js Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2041495 alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag W/"65aa84ef-149a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUhGiL75e847qJTwfFs0MCfcbwqykZaQjlBR8k9jsNfK%2FBrfuqWYPL5WDsv4yp4f3YZE4ci2RpoOKHcg%2Ffr1QIwxNBc0eFLKGbkVmwu8KkuZfRonkFbGAjxWmkZQn5H86VqyYoIPqL5RfPfWjSSWayq%2FWzGW"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 874c4ce859306361-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls sandysuspicions.com/pixel/	0 469 B	102ms 102ms	Image text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2Fmulti%2F1%2Fcss%2Fstyle.css&l=9174&fd=163.4000015258789 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Server nginx/1.21.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbls sandysuspicions.com/pixel/	0 469 B	191ms 99ms	Image text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2Fmulti%2F1%2Fcss%2Fanimate.css&l=78693&fd=175 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Server nginx/1.21.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H3	200	script.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/js/	33 KB 13 KB	39ms 38ms	XHR application/javascript	2606:4700:e0::ac40:6d0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/ff/multi/1/js/script.js Requested by Host: pl20458497.profitablegatecpm.com URL: https://pl20458497.profitablegatecpm.com/7f/35/83/7f3583c7536c504c6d8fa50262560435.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ba435e15a4ee915296bf4f86a540771f6709192d95d43cd9e4e7a4f7a4de2df Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:32:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 211 alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jan 2024 14:19:27 GMT server cloudflare etag W/"65aa84ef-83fe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1OalmiH%2FR56TT8dECzfQ7b2OufjbpJjnXpkISR7TxfQCt4tJuOV1usNrsEEpRdZAFBRgCR9OfTkhLCOXXscvZsCfb05nUn6lbHImGwllIuXfJ7JzujaN%2Bz5SFvCeqmERX2MNOmtZYGfCxirn9%2FsLGMwNQwj"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 874c4ce8deb663d9-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls sandysuspicions.com/pixel/	0 469 B	100ms 99ms	Image text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2Fmulti%2F1%2Fjs%2Fscript.js&l=26398&fd=63.900001525878906 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Server nginx/1.21.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	impr.gif sandysuspicions.com/	7 B 670 B	278ms 278ms	Image image/gif	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSv28cRRuetaM0nz4h0iBBomxBkSD7snt7u3dHJJI4ISHYDiFxZAqa2ZnZ8%2BDdmdXM7q1jKCwCKHQHVSq0fi6JBUQRNIiGX2ckCksUR%2BXG%2FwCKBAU9OtuSJd4p3nfe93mleZ5nPtks90gTJd3Vi3pdpik9FzY898yyVFxX1r2x5PpewzvvLksVtc67a1HrrHspz1OxLOJ5WZwLg3YjiNwz828sLS7MuKlcFe41wVb1WffyitGZOOc3g4Y3Oe5tmlAjD1cg86d%2Bt9VotxpNv9nwvRBr5r8dWzqw1AHv75ETkHz8%2F3%2BKNyHZCCr75oqwq4XOZ17PypQW2qDPt%2B6oVaUrheyoTIyDRG0doqHtmJAHU9Bq65AkdP%2FhhCRiOSZT078hVo8P3o64P%2FSbAeIUQiHm%2F0PVH0GkI0g6AtP3IPkiGMe1Oajs6R0lC8Hdeal6XGcHGDrBjMnx6XcgqzE5%2FpEHlf04Z2Qh7Yq7JFLBdJaVSjJaSK2se3PhMtaSGnJtBNkbIS%2B3Uaw7kNU2WPEhJP%2BdnFk%2BDZU9XtCKawXJd18OIo%2BFQoSzHo2j2VarS2dp0mWzPG4GTR6ELGlF%2B7pJOYJMRkjFANROo7QOSumgTByUuYOM77pdFrKo7bF2N2h3%2FFbUaXVDSv12l%2FMo9H2Bkk1YDVDkA7B0AGY2kJsNrMoBTPkz7EoNyx3YgqDPa1SCoLIEFSWoJEFVEFT9%2BhFPbdPWj3lqy9g%2FzM3DHNRDXfQ26SNd9IQioGYAw%2BvNfI88P5HUiYYKq2LXbSdB2AlYOwwiFnotFvFOQkOvGTXDyGsFIaysIe0UqHWwLsdk5tUt5HJMTpz8DjHdhk23weQ0aHkKtKpBV2qsqyelpUpUtmFlIcB1jbw4huKus5nukZf2TV18fwOC7VxsffH9239%2BfBrM1MhNjffkrwS99P7wlq7Iw1u6suTbt%2FJCZnJ93%2BTbBS3Esa%2Fmxd1KG379ih18eYlNBpPyyZKwxQJVXKqeJV%2FPSc6FuaoNE%2BSH63ZZxDdLuzJXGlXmCzcvX72e5UZYK7UagcoxcT79G0yOyXMnH%2Bz%2F51eevQhpRjBljazcIYcBqbfB8g3YfOdi67XwwgfPPoPVBCY9wsS5g6qsh6YZHzVTSZCKozuNa1hxJEIsdn7662A2NHSyTWW9ae%2BjZ6ZAi3tQWY2%2BqdFPa9B0AFtOD4vc7Fz4I9gPxOnUME7N1MM4Nenn%2BzKPyY0XfoGVuy71w26c%2BEGHM9rucOp7nXY7ZH4cJXFXeBSFHSenZt79FwAA%2F%2F8BAAD%2F%2F1Vr8HXZBAAA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID c8c85c1caf6badc4f9ab64e842be8ab2 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbs sandysuspicions.com/pixel/	0 469 B	240ms 240ms	Image text/plain	192.243.61.225 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sandysuspicions.com/pixel/sbs?c=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://usanews.site/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 15 Apr 2024 13:32:13 GMT Server nginx/1.21.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT