saudigazette.com.sa Open in urlscan Pro
192.124.249.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Submission: On January 12 via api (January 12th 2021, 5:58:00 pm UTC) from US

Summary HTTP 217 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 34 domains to perform 217 HTTP transactions. The main IP is 192.124.249.107, located in United States and belongs to SUCURI-SEC, US. The main domain is saudigazette.com.sa.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 20th 2020. Valid for: a year.

This is the only time saudigazette.com.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	192.124.249.107 192.124.249.107	30148 (SUCURI-SEC) (SUCURI-SEC)
4	13.224.94.34 13.224.94.34	16509 (AMAZON-02) (AMAZON-02)
21	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3 6	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700::68... 2606:4700::6811:a755	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::681b:a611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::681f:599c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20e8:ca00:1d:6b27:c980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
29	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10:... 2a02:26f0:10:4b8::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:824::2010	15169 (GOOGLE) (GOOGLE)
3	78.140.185.32 78.140.185.32	35415 (WEBZILLA) (WEBZILLA)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:21f... 2600:9000:21f3:6e00:b:3c99:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.93.55 143.204.93.55	16509 (AMAZON-02) (AMAZON-02)
1	184.31.88.106 184.31.88.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.108.145.75 104.108.145.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2190:b800:3:3133:8480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:ae00:18:757a:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e8:5a00:1e:a814:d680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.7.113 65.9.7.113	16509 (AMAZON-02) (AMAZON-02)
1	13.224.94.113 13.224.94.113	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:400:f:b7c0:a340:93a1	16509 (AMAZON-02) (AMAZON-02)
1 13	108.128.24.244 108.128.24.244	16509 (AMAZON-02) (AMAZON-02)
3	139.162.26.143 139.162.26.143	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2600:9000:206... 2600:9000:206f:2200:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.85.246.125 3.85.246.125	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1	52.16.29.86 52.16.29.86	16509 (AMAZON-02) (AMAZON-02)
2 2	34.249.135.160 34.249.135.160	16509 (AMAZON-02) (AMAZON-02)
217	47

26 192.124.249.107 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10107.sucuri.net

saudigazette.com.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.94.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-34.zrh50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:a755 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rd.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
recommendation.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:a611 (United States)

ASN13335 (CLOUDFLARENET, US)

vendo.mmpww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681f:599c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.wickplayer.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:ca00:1d:6b27:c980:93a1 (United States)

ASN16509 (AMAZON-02, US)

vibecdn.forkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10:4b8::26e5 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6e00:b:3c99:a880:93a1 (United States)

ASN16509 (AMAZON-02, US)

me-ssl.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-55.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.145.75 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-75.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:b800:3:3133:8480:93a1 (United States)

ASN16509 (AMAZON-02, US)

dac.forkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ae00:18:757a:bc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api-cengine.forkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:5a00:1e:a814:d680:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics-vibe.forkmantra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-113.zrh50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

europe-west2-mmpww-vendo.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:400:f:b7c0:a340:93a1 (United States)

ASN16509 (AMAZON-02, US)

dac.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 108.128.24.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.26.143 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-139-162-26-143.singapore.nodebalancer.linode.com

wtf2.forkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:2200:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.85.246.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-246-125.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.253.109.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.29.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-29-86.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.135.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-135-160.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com tpc.googlesyndication.com fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com 2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com	343 KB
27	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	490 KB
26	saudigazette.com.sa saudigazette.com.sa	2 MB
18	effectivemeasure.net 1 redirects me-ssl.effectivemeasure.net t.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	14 KB
15	ampproject.org cdn.ampproject.org	291 KB
11	google.com 3 redirects www.google.com adservice.google.com	3 KB
9	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	28 KB
8	googletagservices.com www.googletagservices.com	207 KB
8	speakol.com cdn.speakol.com rd.speakol.com recommendation.speakol.com	93 KB
7	googleapis.com fonts.googleapis.com storage.googleapis.com imasdk.googleapis.com	129 KB
6	forkcdn.com vibecdn.forkcdn.com dac.forkcdn.com api-cengine.forkcdn.com wtf2.forkcdn.com	20 KB
6	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv t.teads.tv	190 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	366 KB
3	stat-rock.com serving.stat-rock.com	4 KB
3	google.de adservice.google.de	1 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	adsrvr.org 2 redirects match.adsrvr.org	915 B
2	adform.net 2 redirects dmp.adform.net	646 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	facebook.net connect.facebook.net	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	addthisedge.com v1.addthisedge.com	324 B
1	krxd.net beacon.krxd.net	338 B
1	turn.com 1 redirects d.turn.com	418 B
1	mathtag.com 1 redirects pixel.mathtag.com	587 B
1	contextads.live dac.contextads.live
1	cloudfunctions.net europe-west2-mmpww-vendo.cloudfunctions.net	337 B
1	moatads.com z.moatads.com	1 KB
1	forkmantra.com analytics-vibe.forkmantra.com	574 B
1	google.dk adservice.google.dk	799 B
1	googleadservices.com partner.googleadservices.com	444 B
1	wickplayer.pro cdn.wickplayer.pro	86 KB
1	mmpww.com vendo.mmpww.com	2 KB
1	jquery.com code.jquery.com	30 KB
217	34

	Domain	Requested by
26	saudigazette.com.sa	saudigazette.com.sa code.jquery.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net saudigazette.com.sa cdn.ampproject.org tpc.googlesyndication.com pagead2.googlesyndication.com
20	securepubads.g.doubleclick.net	saudigazette.com.sa securepubads.g.doubleclick.net www.googletagservices.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	pagead2.googlesyndication.com	saudigazette.com.sa pagead2.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
13	collector.effectivemeasure.net	1 redirects saudigazette.com.sa t.effectivemeasure.net
8	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	www.google.com	3 redirects saudigazette.com.sa
5	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com saudigazette.com.sa
5	cdn.speakol.com	saudigazette.com.sa cdn.speakol.com
4	fonts.googleapis.com	saudigazette.com.sa securepubads.g.doubleclick.net
4	tags.crwdcntrl.net	saudigazette.com.sa tags.crwdcntrl.net
3	wtf2.forkcdn.com	vibecdn.forkcdn.com wtf2.forkcdn.com
3	t.teads.tv	saudigazette.com.sa
3	serving.stat-rock.com	cdn.wickplayer.pro saudigazette.com.sa
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	dmp.adform.net	2 redirects
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	saudigazette.com.sa connect.facebook.net
2	recommendation.speakol.com	cdn.speakol.com
2	storage.googleapis.com	vendo.mmpww.com storage.googleapis.com
2	d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s7.addthis.com	saudigazette.com.sa s7.addthis.com
2	www.google-analytics.com	saudigazette.com.sa www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	beacon.krxd.net	saudigazette.com.sa
1	d.turn.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	dac.contextads.live	dac.forkcdn.com
1	europe-west2-mmpww-vendo.cloudfunctions.net	saudigazette.com.sa
1	2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	certify.alexametrics.com	saudigazette.com.sa
1	t.effectivemeasure.net	me-ssl.effectivemeasure.net
1	imasdk.googleapis.com	cdn.wickplayer.pro
1	z.moatads.com	s7.addthis.com
1	analytics-vibe.forkmantra.com	vibecdn.forkcdn.com
1	api-cengine.forkcdn.com	vibecdn.forkcdn.com
1	dac.forkcdn.com	vibecdn.forkcdn.com
1	sync.teads.tv	s8t.teads.tv
1	certify-js.alexametrics.com	saudigazette.com.sa
1	me-ssl.effectivemeasure.net	saudigazette.com.sa
1	rd.speakol.com	cdn.speakol.com
1	adservice.google.dk	securepubads.g.doubleclick.net
1	s8t.teads.tv	a.teads.tv
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vibecdn.forkcdn.com	saudigazette.com.sa
1	cdn.wickplayer.pro	saudigazette.com.sa
1	vendo.mmpww.com	saudigazette.com.sa
1	a.teads.tv	saudigazette.com.sa
1	code.jquery.com	saudigazette.com.sa
217	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.saudigazette.com.sa
news.sophos.com
speakol.com
rd.speakol.com
www.youtube.com
www.snapchat.com
layoutintl.com

Subject Issuer	Validity	Valid
saudigazette.com.sa Go Daddy Secure Certificate Authority - G2	`2020-07-20` - `2021-08-18`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.forkcdn.com Amazon	`2020-09-18` - `2021-10-20`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.dk GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
serving.stat-rock.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2020-03-02` - `2021-04-02`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.forkmantra.com Amazon	`2020-10-22` - `2021-11-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
misc.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
delivery.contextads.live Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
forkcdn.com R3	`2020-12-10` - `2021-03-10`	3 months	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Frame ID: 45AA5593B4F43FC62FDE500FCE00F4C0
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 57B716C5553B650CFC584AB3089F17AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&adk=1812271804&adf=3025194257&lmt=1610474259&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&ea=0&flash=0&pra=5&wgl=1&dt=1610474257537&bpp=1688&bdt=1544&idt=1688&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4381365441128&frm=20&pv=2&ga_vid=65631350.1610474258&ga_sid=1610474259&ga_hid=76089762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067214%2C21066434%2C21068769%2C21069720%2C21069711&oid=3&pvsid=130653929432493&pem=741&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1723
Frame ID: 32490BBE95CE0E89494F207F88F96663
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqayJYtm66jnei1h2X3SL0rsh4fqIiDR4YaWhISEbAKVIrerzsBHJ1apOW7dK1aZgzXrtk4k23uLi6uJnkQdo0voNIXK4-RLVfnIem_S6pSPH5YZAoE_EajUM7-caK7zqEQrFhxlezDGOd5AawbStw3FvjDS1ACMfSdbSIys1KV_3PtlmM_Xg2nJNZAQb2frlxA-4qmcD4TdlvUeG-88kLF4qX_OgTwahoy8P9UMOHiZsO0w0DmojHYm9BmrDeCgbUViaUmkeIWMtuklJzv9JUq5llw-mFege8n6xQ5xutoSsj3l5KC6NPsdoAm34&sai=AMfl-YQu6-7uvGczhf154Vvo_fYcCiiVEMa5U0OvcAM3NHNiQdET0XoL-aQNZbvZAN9U9ExXGo9X_gXF7yi9IW1Cf_oE2qdE4GGSAC0O7SlizjOmU4Pyf1mg7ZFK0tUIFFE&sig=Cg0ArKJSzIPzfLCIyyqbEAE&urlfix=1&adurl=
Frame ID: DF9AE426342BB6130981F8B56AA39914
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr-WOKdgatUEai80faat4LG9MWmaMYUkiiOq1G1xvIVR9l1K1LY-oihISfsgJIdiGMXqdWJDTi_cCkh4nEv-sev2FAV5zVslbLhgTiXz7d5ONulUEKDNKPmbEvrlR4rsDmN_6EfpYAMDnD5bxmVhrjFec5Gk2mERAGJlmgnZzFfeNuOHilI-2IE_QPCGaxyXIypdrznMMR9C-YBfLIFfy9P9k_jD8vnwS-d9Rs_PMYbji_deodOnIUQibhkCL0W2olP5UiUrd_Pa54Y4Ha-wqkZ0VsDuwK4ugXvSUt3GPouiywbQ-r7o9CyoYPF_on&sai=AMfl-YSHB8HGR_FCbrNjyx5D4Ri3yEbxkc7kTTta_PO6SMAHK_ib9l3hXL-oj8d5OI0zW7Hk9pq1dJFczTR3JA8nM8Iqqbdjed_3GID6B9ZfPtSn03B-aaeEHuEe_xtsmsg&sig=Cg0ArKJSzKF72Eg9cfV2EAE&urlfix=1&adurl=
Frame ID: 7666C3D1A906F88ED2919DF52EA649D0
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJlkSgT7smzY8jtFBw8kIdgGSO3ghXDHlQexbvkmV_dyXYrMA-lofr717HT81ZSRTiQC4O6ZewfAnTDUy7As80nYiDZYK6uIinxJB01dbJ2L8woiCXvPA9FjR31yAEil6iDHOWp7eEBoxwAnAF3Kh-W_bPYy8PumGTKmOXuVSbDoK4fzP1icfkOzxWuQc1MRiPDEMjUxeNO9gFBodqMz3v9IBMiCiUn10JxQ-Fyp5yVnSkCNt9W05As2mgdYxr4qXcIdkiE1Eh8yCvRUiodAcGHMSA8jQr2IoCCaXRet9f4dqFEjI11JkWMII&sai=AMfl-YQYy7nRK9hCL1yCMuZKhfNEezcY7WFGHvvkwlfkzKteEkMn0oLs_RAjKWibysyomIFpvQzDNmT8uLoTXae0JkIICjf7mojoD3BUiknMb9p9ZVsxM5xMivfkveDDPXs&sig=Cg0ArKJSzB7I99SqUbt6EAE&urlfix=1&adurl=
Frame ID: 93DECCD3A2EBE106FEEC12011D1B7BE3
Requests: 15 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 49C12F8B2DF960021A6D220749FC387B
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/vendo-gcs.mmpww.com/jwplayer/index.html?r=25952552
Frame ID: 95C880DE0E05B203FD4C22478FADBD2C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 505B1250F25496340DF0BB919646E21B
Requests: 14 HTTP requests in this frame

Frame: https://dac.contextads.live/blank.html?url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&amp=false
Frame ID: 3C357E34EBBADC4F4936FFC4B099C544
Requests: 1 HTTP requests in this frame

Frame: https://cdn.speakol.com/widget/html/speakol-appends.html
Frame ID: BB2DC49197348DB24A75467B2C6CEEEB
Requests: 1 HTTP requests in this frame

Frame: https://d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B589323EC5B2DE7E447FE632C58EE3EA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 6C4B3362CF4C2CDAB051DA90BC274EF7
Requests: 13 HTTP requests in this frame

Frame: https://fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: B5B8D79268BDF1D761FFD6C1FE330CA1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 3760B230C8E7A3907C5689C9D5AC25C6
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 5644EDACFC419810D9C3DA1E98B09FA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: BB68DF527ED3888F5269BB9F8608846F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 7FDF17C0608C31A3D679C0188AC33F0C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12596/rand=571526766/pv=y/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
Frame ID: 7CD4CFDBC681382124156862330FE130
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12596/rand=674257908/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
Frame ID: A346638E7422EE0B08EEAF90901B6FC6
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 34E229EA4917334454BC89E8B576F1CD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7F9D7C6F7FC3E14670B2FA5E9390795E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: F275358477629037D9156B4087FED724
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15790
Frame ID: 6342E31B58752B679559721487087B44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

217
Requests

97 %
HTTPS

57 %
IPv6

34
Domains

61
Subdomains

47
IPs

9
Countries

4157 kB
Transfer

8455 kB
Size

6
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/SaudiGazette

Search URL Search Domain Scan URL

URL: https://twitter.com/saudi_gazette

Search URL Search Domain Scan URL

URL: https://www.instagram.com/saudigazette_sa/

Search URL Search Domain Scan URL

URL: http://www.saudigazette.com.sa/epaper/
Title: E-paper

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2020/08/04/the-realities-of-ransomware-five-signs-youre-about-to-be-attacked/
Title: By Peter Mackenzie

Search URL Search Domain Scan URL

URL: https://speakol.com/
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/c?serving_algorithm=&version=v2&cid=28885&did=4789&uid=a92912f3-54ff-11eb-8083-d2d28308414d&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiJhOTI5MTJmMy01NGZmLTExZWItODA4My1kMmQyODMwODQxNGQiLCJyZXF1ZXN0X2lwIjoiMmEwMTo0Zjg6MTkyOjU0MTQ6OjIiLCJhaWQiOjI4ODg1LCJjaWQiOjEwNzYxLCJuZXR3b3JrX2lkIjowLCJhcGlfdmVyc2lvbiI6InYyIiwiYmlkX3ByaWNlIjowLjAwNSwiY3BtIjowLCJjYXRlZ29yeV9pZCI6OCwiZXhwIjoxNjEwNDc0ODU5fQ.3n5LMJDmj60WHgl0qvhIbyh92CJPXZr-ZNZdT2WaZkQ&adurl=https%3A%2F%2Fir3.xyz%2F5cb73baf430c9%3Fp1%3Dnativeads%26p2%3D%23publisher_domain%23&wid=wi-6295&box_id=1&request_id=a9291335-54ff-11eb-8083-d2d28308414d&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/c?serving_algorithm=&version=v2&cid=28885&did=4789&uid=a92912f3-54ff-11eb-8083-d2d28308414d&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiJhOTI5MTJmMy01NGZmLTExZWItODA4My1kMmQyODMwODQxNGQiLCJyZXF1ZXN0X2lwIjoiMmEwMTo0Zjg6MTkyOjU0MTQ6OjIiLCJhaWQiOjI4ODg1LCJjaWQiOjEwNzYxLCJuZXR3b3JrX2lkIjowLCJhcGlfdmVyc2lvbiI6InYyIiwiYmlkX3ByaWNlIjowLjAwNSwiY3BtIjowLCJjYXRlZ29yeV9pZCI6OCwiZXhwIjoxNjEwNDc0ODU5fQ.3n5LMJDmj60WHgl0qvhIbyh92CJPXZr-ZNZdT2WaZkQ&adurl=https%3A%2F%2Fir3.xyz%2F5cb73baf430c9%3Fp1%3Dnativeads%26p2%3D%23publisher_domain%23&wid=wi-6295&box_id=1&request_id=a9291335-54ff-11eb-8083-d2d28308414d&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Aliexpress Shopping - 50% Off AliExpress

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=2&article_id=16198969&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602344%2FWorld%2FAmerica%2FUN-chief-highlights-need-for-climate-action-pandemic-response&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=2&article_id=16198969&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602344%2FWorld%2FAmerica%2FUN-chief-highlights-need-for-climate-action-pandemic-response&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: UN chief highlights need for climate action, pandemic response Timely ...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=3&article_id=16189925&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602333%2FWorld%2FEurope%2FGlobal-coronavirus-caseload-crosses-90-million&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=3&article_id=16189925&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602333%2FWorld%2FEurope%2FGlobal-coronavirus-caseload-crosses-90-million&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Black boxes of crashed Sriwijaya Air plane located as search for survi...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=4&article_id=16189877&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602316%2FWorld%2FEurope%2FRecord-snowfall-blankets-Spain-bringing-transport-in-and-out-of-Madrid-to-a-halt&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=4&article_id=16189877&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602316%2FWorld%2FEurope%2FRecord-snowfall-blankets-Spain-bringing-transport-in-and-out-of-Madrid-to-a-halt&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Black boxes of crashed Sriwijaya Air plane located as search for survi...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=5&article_id=16189870&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602338%2FWorld%2FAsia%2FMassive-power-outage-in-Pakistan-plunges-whole-country-into-darkness&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=5&article_id=16189870&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602338%2FWorld%2FAsia%2FMassive-power-outage-in-Pakistan-plunges-whole-country-into-darkness&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Black boxes of crashed Sriwijaya Air plane located as search for survi...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=6&article_id=16189867&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602342%2FSAUDI-ARABIA%2FAl-Rajhi-logs-first-victory-as-Al-Saif-takes-second-win-in-Dakar-Rally-stage-7&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=6&article_id=16189867&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602342%2FSAUDI-ARABIA%2FAl-Rajhi-logs-first-victory-as-Al-Saif-takes-second-win-in-Dakar-Rally-stage-7&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Al-Rajhi logs first victory as Al-Saif takes second win in Dakar Rally...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=7&article_id=16189858&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602327%2FSAUDI-ARABIA%2FAlUla-mdash-The-Worlds-Masterpiece&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=7&article_id=16189858&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602327%2FSAUDI-ARABIA%2FAlUla-mdash-The-Worlds-Masterpiece&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Crown Prince announces THE LINE at NEOM MoH: 178,337 people receive co...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=8&article_id=16189852&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602321%2FWorld%2FAsia%2FCars-stranded-trains-affected-as-heavy-snow-blankets-Japan&version=v2&network_id=0&category_id=5&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=8&article_id=16189852&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602321%2FWorld%2FAsia%2FCars-stranded-trains-affected-as-heavy-snow-blankets-Japan&version=v2&network_id=0&category_id=5&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: S. Korea confirms 48th case of highly pathogenic bird flu Cars strande...

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=9&article_id=16189842&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602339%2FSAUDI-ARABIA%2FA-revolution-in-urban-living&version=v2&network_id=0&category_id=32&did=4789&trigger=image&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title:

Search URL Search Domain Scan URL

URL: https://rd.speakol.com/api/v1/r?serving_algorithm=latest-news&wid=wi-6295&box_id=9&article_id=16189842&l=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F602339%2FSAUDI-ARABIA%2FA-revolution-in-urban-living&version=v2&network_id=0&category_id=32&did=4789&trigger=title&ref=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Title: Crown Prince announces THE LINE at NEOM Saudi Arabia and Algeria sign ...

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SaudiGazette/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/Saudi_Gazette
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC533uSPWSFXF_JmbknAtmOw
Title:

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/saudigazette
Title:

Search URL Search Domain Scan URL

URL: http://layoutintl.com/
Title: NewsPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEJd7a53-0-CUFLYnM-mwQhY&google_cver=1

Request Chain 180

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID] HTTP 302
https://collector.effectivemeasure.net/sync_webhook/mediamath/51095ffd-e314-4000-985b-997b41bd1255

Request Chain 181

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/lotame/826e9f292d28b8a019f346de11579c98

Request Chain 182

https://dmp.adform.net/serving/cookie/match?party=1181 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/adform/5557376989509192270

Request Chain 183

https://d.turn.com/r/dd/id/L21rdC8xMzg2L2NpZC8xNzQ4MjE2NzY5L3QvMg/url/https://collector.effectivemeasure.net/sync_webhook/amobee/$!%7BTURN_UUID%7D HTTP 302
https://collector.effectivemeasure.net/sync_webhook/amobee/8767250782314601884

Request Chain 185

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ttd/0c2ef85f-ade7-468f-8e4c-49a44734dd2a

217 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked Show response
saudigazette.com.sa/article/601690/BUSINESS/ 170 KB
53 KB 333ms
260ms Document
text/html 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

a9b9aad0d9c47057e7dc0b31bde7ab21ff3bac6742727cfc4de4fcc74febfadd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: saudigazette.com.sa
:scheme: https
:path: /article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 12 Jan 2021 17:57:35 GMT
content-type: text/html
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
set-cookie: device=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/ device_used=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/ device_type=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/ device=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/ device_used=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/ device_type=web; expires=Tue, 12-Jan-2021 18:27:35 GMT; path=/
x-cache: BYPASS BYPASS BYPASS BYPASS
content-encoding: gzip
x-sucuri-cache: MISS

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15790/ 42 KB
14 KB 148ms
62ms Script
text/javascript 13.224.94.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15790/lt.min.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-34.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68b460bc8b09c1efa570617facdcaee200a87ee9d42bc8d52793f3cc2bf3eab8

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 04:13:11 GMT
content-encoding: gzip
etag: W/"907081c0618095cb4c7e24f514f0a9e8"
last-modified: Wed, 23 Dec 2020 17:09:23 GMT
server: AmazonS3
age: 51431
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 0vo9B-s19uXdnWx2kj2RVy5zHMx3LIqRY21LpPpQEKGuYMxHGuoAtg==

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/12596/ 40 KB
12 KB 134ms
48ms Script
application/json 13.224.94.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12596/cc_af.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-34.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d9a56aaee81ad500cc58757aa6e5e7d59c295b94107b39ff9e7975da66796f4

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 03:40:26 GMT
content-encoding: gzip
etag: W/"dfa9e09f2a52f0fdd066dd6f52ab4311"
last-modified: Fri, 01 May 2020 06:23:38 GMT
server: AmazonS3
age: 51431
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: FK0D7tz9SyA9j4JoObjcNmchSQaiuoxKvesrRRdpIX-QZBze-X6Z0g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 150ms
52ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9256cecc880b22ae6b325110e8b24d5cc43ad6078e473f06a24aa53f6019b040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "752 / 441 of 1000 / last-modified: 1610471675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18846
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 49ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a357b7145cf9cb6702a0045e07c898860e18baa0989ca9c5f7460733fe1b1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47064
x-xss-protection: 0
server: cafe
etag: 9489384909010990628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 17:57:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
650 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:33:50 GMT
server: ESF
date: Tue, 12 Jan 2021 17:57:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 17:57:36 GMT

GET
H2 200 font-awesome.min.css
saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/css/ 28 KB
7 KB 37ms
35ms Stylesheet
text/css 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/css/font-awesome.min.css

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 03 Jul 2017 08:40:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"595a02e3-718b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all-styles.min.css
saudigazette.com.sa/themes/saudigazette/css/ 167 KB
31 KB 40ms
38ms Stylesheet
text/css 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/css/all-styles.min.css?v=1.52

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

cd17ba9120d64bdc8b6bd355e1e3942e54f8e585027b2415d7b4f9d2c0539bb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 28 Dec 2020 14:59:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5fe9f2e1-29d5e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all-widgets.min.css
saudigazette.com.sa/themes/saudigazette/css/ 58 KB
9 KB 60ms
58ms Stylesheet
text/css 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/css/all-widgets.min.css?v=1.52

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

4fe5d7cfb1736c0624169730e0a1430446010b9228f29866dadaf49874d512b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 11 Jan 2021 13:01:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ffc4c16-e8ed"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all-pages.min.css
saudigazette.com.sa/themes/saudigazette/css/ 13 KB
3 KB 62ms
60ms Stylesheet
text/css 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/css/all-pages.min.css?v=1.52

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

f5da43795f729af11cefc529667f1f48264a4b0399bb92669ab7a622fab57976

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5fdb3927-3403"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 3198ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1610474259.dop210.fr8.t,1610474259.cds273.fr8.hc,1610474259.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 owl.carousel.min.js Show response
saudigazette.com.sa/js/ 39 KB
11 KB 65ms
63ms Script
application/javascript 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/js/owl.carousel.min.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 19 Sep 2016 11:44:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"57dfcfa9-9dd1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
646 B 17ms
15ms Script
text/javascript 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 12 Jan 2021 17:57:36 GMT

GET
H2 200 sg-logo-new.png
saudigazette.com.sa/themes/saudigazette/images/ 4 KB
4 KB 36ms
36ms Image
image/png 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/sg-logo-new.png

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

ef54049620e6f5c6510cd7d3996a23daa2d5907a6413d398967a1c81659d1b55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 4203
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 28 Dec 2020 14:59:45 GMT
server: nginx
etag: "5fe9f2e1-106b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.svg
saudigazette.com.sa/themes/saudigazette/images/ 468 B
812 B 35ms
34ms Image
image/svg+xml 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/search-icon.svg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

45b2fe7bd706ab0371812b1013247a4b85e054cfa58154905ccd3bd62af7f592

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 468
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:29 GMT
server: nginx
etag: "5fdb3921-1d4"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1716480.jpg
saudigazette.com.sa/uploads/images/2020/12/22/ 87 KB
87 KB 40ms
40ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2020/12/22/1716480.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

1f16a49a97bd2d99796d60bfcede2ba87fe7b3dcb769abd22f5b4a5f64d4d4c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 88968
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 22 Dec 2020 10:03:39 GMT
server: nginx
etag: "5fe1c47b-15b88"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2285
date: Tue, 12 Jan 2021 17:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 19:19:32 GMT

GET
H2 200 tag Show response
a.teads.tv/page/29098/ 769 B
728 B 142ms
76ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/29098/tag
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ebb0d291ab54b8d639867a97a05e212ed1b4b10ea4f45591720cd65971e4d3e8

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 478
expires: Tue, 12 Jan 2021 18:57:37 GMT

GET
H2 200 messenger-icon.svg
saudigazette.com.sa/themes/saudigazette/images/ 396 B
739 B 35ms
34ms Image
image/svg+xml 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/messenger-icon.svg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

981300b3deb6d7fd5e0ef117e8519b649385979c094423dae314e874c6ef9ebf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 396
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:29 GMT
server: nginx
etag: "5fdb3921-18c"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-icon.svg
saudigazette.com.sa/themes/saudigazette/images/ 322 B
665 B 33ms
33ms Image
image/svg+xml 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/email-icon.svg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

1937afc87be16a054fdec63d2e35d89cb1e08efa3fc4b6fe35317f0a5914676a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 322
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:29 GMT
server: nginx
etag: "5fdb3921-142"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viber-icon.svg
saudigazette.com.sa/themes/saudigazette/images/ 2 KB
2 KB 34ms
34ms Image
image/svg+xml 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/viber-icon.svg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

5919e3039230bcae76ca744c68ab8ed4fb771c6327e1a780113db30306b1d4c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2077
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:29 GMT
server: nginx
etag: "5fdb3921-81d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 speakol-widget-v2.js Show response
cdn.speakol.com/widget/js/ 85 KB
19 KB 76ms
45ms Script
application/javascript 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f55bd35e0ed8077e232d49e49b8e233f84a8806011f6df376c38cb023fd25f3

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:36 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2926
x-cache: Hit from cloudfront
content-encoding: br
cf-request-id: 0799580f2e0000980e3e3c4000000001
last-modified: Wed, 09 Dec 2020 09:23:52 GMT
server: cloudflare
etag: W/"92d92bf5e41a1d3de7a9584a82b733ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
cf-ray: 6108c2c51acb980e-FRA
x-amz-cf-id: 4npa5VOZtrQJkvG2DVlLJfVzv1llqlxQnSiH2_6_gR6EbwITvBEn9Q==
expires: Wed, 13 Jan 2021 17:57:36 GMT

GET
H2 200 e610f1b0-d7db-11ea-8880-d9db59eed07a Show response
vendo.mmpww.com/video/ 1 KB
2 KB 1035ms
986ms Script
text/javascript 2606:4700:3033::681b:a611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vendo.mmpww.com/video/e610f1b0-d7db-11ea-8880-d9db59eed07a
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:a611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2933a74c2cead9b5ebc22ffeb1e47dbba0dcfb064518f32a1af00d4f24c9152

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l6GtyRCbf%2F9ltTvD%2BkwSOKeOI2bLMETWSducWPD0eYRjdtUW6LNKCRQQYVXw6Bv1SCfelUuxxarJwGsOO8xeB5Db%2FkthLExsY6vPNi2MgsWA8ZXhSnNer83ymKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
x-cloud-trace-context: 414577bdad2805fdb10225c48c610d31
cache-control: no-cache, private
cf-ray: 6108c2c5b917c2c2-FRA
cf-request-id: 0799580f900000c2c2a9303000000001
expires: Tue, 12 Jan 2021 17:57:37 GMT

GET
H2 200 thewickfirm.js Show response
cdn.wickplayer.pro/player/ 283 KB
86 KB 87ms
25ms Script
application/javascript 2606:4700:3030::681f:599c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wickplayer.pro/player/thewickfirm.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681f:599c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efca8d23ba9c7eee9bd178fb58c534d9932879020bcc9725fc1f0c1c586619c8

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 16:19:00 GMT
server: cloudflare
age: 27
etag: W/"5fc66cf4-46ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tyfAcy0gpKSLKtSN5YKQnhgxiMvWFLkHaE%2BVwk2k4kFzrNehI8%2BT0JY19NSJ9z09JHahkcUG8OnGe%2FVLN9iR7Y7uDGpo373R4SMo8Xqoh265Sb0zJo%2F5MIovb0PRvBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6108c2d05e334a5c-FRA
cf-request-id: 079958163c00004a5c26094000000001

GET
H2 200 lazyload-img.jpg
saudigazette.com.sa/themes/saudigazette/images/ 2 KB
2 KB 34ms
33ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/lazyload-img.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

2400e55cf3800c3d9791c8b79f3c88263dfc38c0886eb291824b981894e0da74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2217
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:29 GMT
server: nginx
etag: "5fdb3921-8a9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footerLogo.png
saudigazette.com.sa/themes/saudigazette/images/ 3 KB
4 KB 34ms
33ms Image
image/png 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/themes/saudigazette/images/footerLogo.png

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

25f564b484cde5bdc6c01c1d49d6849ebb0ee65854d6250086ca5a0a3e4626bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3284
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 13 May 2019 12:38:17 GMT
server: nginx
etag: "5cd96539-cd4"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iav.js Show response
vibecdn.forkcdn.com/Inarticle/ 28 KB
9 KB 93ms
16ms Script
application/javascript 2600:9000:20e8:ca00:1d:6b27:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:ca00:1d:6b27:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82afe71a7c1ff5337b021b707348455bdb99418a243ae1e43a972023707454b6

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 18:28:12 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 11:10:24 GMT
server: AmazonS3
age: 84567
etag: W/"ffcf981110298c63d2be92f939729b83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a415eca835d78c74f508f31b6bbdaf0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: OzBnf3f-zaIMUTz9X-OHwK_2K8_gYBtEwmE7ysE14i94oe3prANQFg==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 101ms
35ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 12 Jan 2021 17:57:38 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 master.min.js Show response
saudigazette.com.sa/themes/saudigazette/js/ 48 KB
16 KB 35ms
35ms Script
application/javascript 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/js/master.min.js?v=1.52

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

9256fc0d41d49dcb3c54049b08652df5ccd95dc7ee3654abba48ab997142df92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5fdb3927-c1c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 119ms
68ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:38 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 17:57:38 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=76089762&t=pageview&_s=1&dl=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&ul=en-us&de=UTF-8&dt=The%20realities%20of%20ransomware%3A%20Five%20signs%20you%E2%80%99re%20about%20to%20be%20attacked%20-%20Saudi%20Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=973931981&gjid=173233002&cid=65631350.1610474258&tid=UA-3885354-1&_gid=1447732785.1610474258&_r=1&_slc=1&z=1993381156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3885354-1&cid=65631350.1610474258&jid=973931981&gjid=173233002&_gid=1447732785.1610474258&_u=IEBAAEAAAAAAAC~&z=209209381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 12 Jan 2021 17:57:37 GMT
content-type: text/plain
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
334 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:20:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
age: 2253
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341608
x-xss-protection: 0
expires: Wed, 12 Jan 2022 17:20:06 GMT

GET
H2 200 Heuristica-Regular.otf
saudigazette.com.sa/themes/saudigazette/font/ 242 KB
242 KB 35ms
34ms Font
application/octet-stream 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/font/Heuristica-Regular.otf

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/themes/saudigazette/css/all-styles.min.css?v=1.52

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

32737b1bce66d2183d49ae0c71feb1b9d268f49fdb40612b1cebdb119c1502ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/themes/saudigazette/css/all-styles.min.css?v=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 247416
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 17 Dec 2020 10:55:33 GMT
server: nginx
etag: "5fdb3925-3c678"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 57B7 0
0 6ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Jan 2021 09:58:13 GMT
expires: Tue, 26 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 28766
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
444 B 55ms
54ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=saudigazette.com.sa&callback=_gfp_s_&client=ca-pub-9392826248043988

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7a2f959a6483f4dce21caad6e53893b355df42f3c11870b00ce5bf80f9221d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=saudigazette.com.sa&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saudigazette.com.sa&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3249 0
0 105ms
104ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&adk=1812271804&adf=3025194257&lmt=1610474259&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&ea=0&flash=0&pra=5&wgl=1&dt=1610474257537&bpp=1688&bdt=1544&idt=1688&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4381365441128&frm=20&pv=2&ga_vid=65631350.1610474258&ga_sid=1610474259&ga_hid=76089762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067214%2C21066434%2C21068769%2C21069720%2C21069711&oid=3&pvsid=130653929432493&pem=741&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1723

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&adk=1812271804&adf=3025194257&lmt=1610474259&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&ea=0&flash=0&pra=5&wgl=1&dt=1610474257537&bpp=1688&bdt=1544&idt=1688&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4381365441128&frm=20&pv=2&ga_vid=65631350.1610474258&ga_sid=1610474259&ga_hid=76089762&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067214%2C21066434%2C21068769%2C21069720%2C21069711&oid=3&pvsid=130653929432493&pem=741&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1723
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 17:57:39 GMT
server: cafe
content-length: 4269
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 12-Jan-2021 18:12:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
7 KB 132ms
132ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=130653929432493&correlator=1329612109783989&output=ldjh&impl=fifs&eid=21068425%2C21068773%2C21069711&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210112&iu_parts=3387746%2CSG_Business_1X1_Desktop%2CSG_Business_1X1_Mobile%2CSG_Business_BB_Desktop%2CSG_Business_HP_Desktop%2CSG_Business_Interstitial_Mobile%2CSG_Business_LB_Desktop%2CSG_Business_LB_Mobile%2CSG_Business_MPU_Desktop%2CSG_Business_MPU_Mobile%2CSG_Business_SSleft_Desktop%2CSG_Business_SSright_Desktop%2CSGNew_LB_HP_Desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=1x1%2C1x1%2C970x250%2C300x600%2C320x480%2C728x90%2C300x50%7C320x100%7C320x50%7C300x100%2C300x250%2C300x250%2C160x600%2C160x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1610474259&dt=1610474259276&dlt=1610474255993&idt=2551&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933&adks=226027024%2C2635121133%2C956449708%2C2654405519%2C2731997310%2C994914564%2C3224266157%2C2920076825%2C3561967670%2C3317276596%2C3869808717%2C1104727823&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=65631350.1610474258&ga_sid=1610474259&ga_hid=76089762&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C132&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

98cc52313cb0a503cb05e2b0afa816efd9d389f87553dc5a9d4487fe7ee1c7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6601
x-xss-protection: 0
google-lineitem-id: -2,5453661967,5453661967,-2,-2,-2,-2,5453661967,-2,-2,-2,5453661823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138321227744,138321227840,-2,-2,-2,-2,138321227828,-2,-2,-2,138321280404
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 68ms
15ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://saudigazette.com.sa
Referer: https://fonts.googleapis.com/css2?family=Roboto&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 438334
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:12:05 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 445ms
444ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

2e5dc65356453deba9f807ef430f2d85c724d0030b8814adaf7651043cde72e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10560
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 706 KB
189 KB 23ms
7ms Script
text/javascript 2a02:26f0:10:4b8::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/29098/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10:4b8::26e5 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0e65b8c1dfddc24a85dd204338613a95cb9bd998bcfeea932f8d9e5859a151b

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: F15D289C4B6F425F
content-length: 192692
x-amz-id-2: EvjdtIcjJJnmYukZ+YSeRLYQ6XOlv1uZElBVYkD8jZPOE1DOxq6oSs6wSNrIJgW/AGO5lkK/pFM=
last-modified: Mon, 11 Jan 2021 15:04:51 GMT
etag: "e819e78b45319d408c5473f25a5a6d5a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 12 Jan 2021 18:27:39 GMT

GET
H2 200 fontawesome-webfont.woff2
saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/fonts/ 70 KB
71 KB 35ms
35ms Font
application/octet-stream 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/themes/saudigazette/css/default/font-awesome-4.5.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 71896
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 03 Jul 2017 08:40:05 GMT
server: nginx
etag: "595a02e5-118d8"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 719 B
809 B 36ms
21ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/themes/saudigazette/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9393b934cac9289f016f73e2261e414c65d635b4304cd0ffffb64169189143e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/themes/saudigazette/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:15:41 GMT
server: ESF
date: Tue, 12 Jan 2021 17:57:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H2 200 mmpww_core_jw_1.js Show response
storage.googleapis.com/vendo-gcs.mmpww.com/libraries/ 16 KB
17 KB 48ms
27ms Script
text/javascript 2a00:1450:4001:824::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vendo-gcs.mmpww.com/libraries/mmpww_core_jw_1.js?r=25952552
Requested by: Host: vendo.mmpww.com
URL: https://vendo.mmpww.com/video/e610f1b0-d7db-11ea-8880-d9db59eed07a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b286af0ddce1e63d4799155d92c4b1a6f73111c75cedff449e503506845d33f6

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
x-guploader-uploadid: ABg5-UyoFB0ltPcblcUbxXI0QZbcwMUtNlIL7e1rRTZb-wDxr-qPSngDf8XkYtyJjJ8JYuMEUVzN6YxSvO9oUnrq0W2QkZS1-Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16673
last-modified: Mon, 28 Dec 2020 11:44:37 GMT
server: UploadServer
etag: "2f982fd1004fa1a9cd721f7ca92e96ab"
x-goog-hash: crc32c=wvvx+A==, md5=L5gv0QBPoanNch98qS6Wqw==
x-goog-generation: 1609155877411676
cache-control: public, max-age=3600
x-goog-stored-content-length: 16673
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 12 Jan 2021 18:57:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
799 B 57ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=saudigazette.com.sa&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
777 B 42ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saudigazette.com.sa&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
18 KB 752ms
752ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8bd3e0361ddd57c944db177aaf940f099421cfa88abf2a91526330a2ade41895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17870
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF9A 0
0 79ms
79ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqayJYtm66jnei1h2X3SL0rsh4fqIiDR4YaWhISEbAKVIrerzsBHJ1apOW7dK1aZgzXrtk4k23uLi6uJnkQdo0voNIXK4-RLVfnIem_S6pSPH5YZAoE_EajUM7-caK7zqEQrFhxlezDGOd5AawbStw3FvjDS1ACMfSdbSIys1KV_3PtlmM_Xg2nJNZAQb2frlxA-4qmcD4TdlvUeG-88kLF4qX_OgTwahoy8P9UMOHiZsO0w0DmojHYm9BmrDeCgbUViaUmkeIWMtuklJzv9JUq5llw-mFege8n6xQ5xutoSsj3l5KC6NPsdoAm34&sai=AMfl-YQu6-7uvGczhf154Vvo_fYcCiiVEMa5U0OvcAM3NHNiQdET0XoL-aQNZbvZAN9U9ExXGo9X_gXF7yi9IW1Cf_oE2qdE4GGSAC0O7SlizjOmU4Pyf1mg7ZFK0tUIFFE&sig=Cg0ArKJSzIPzfLCIyyqbEAE&urlfix=1&adurl=

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DF9A 54 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b4637ffaacba2e0aeffb02920c36eab7637bca44cc92e9958993f1f84d96df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "752 / 40 of 1000 / last-modified: 1610471675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18841
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF9A 104 KB
32 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7666 0
0 82ms
80ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr-WOKdgatUEai80faat4LG9MWmaMYUkiiOq1G1xvIVR9l1K1LY-oihISfsgJIdiGMXqdWJDTi_cCkh4nEv-sev2FAV5zVslbLhgTiXz7d5ONulUEKDNKPmbEvrlR4rsDmN_6EfpYAMDnD5bxmVhrjFec5Gk2mERAGJlmgnZzFfeNuOHilI-2IE_QPCGaxyXIypdrznMMR9C-YBfLIFfy9P9k_jD8vnwS-d9Rs_PMYbji_deodOnIUQibhkCL0W2olP5UiUrd_Pa54Y4Ha-wqkZ0VsDuwK4ugXvSUt3GPouiywbQ-r7o9CyoYPF_on&sai=AMfl-YSHB8HGR_FCbrNjyx5D4Ri3yEbxkc7kTTta_PO6SMAHK_ib9l3hXL-oj8d5OI0zW7Hk9pq1dJFczTR3JA8nM8Iqqbdjed_3GID6B9ZfPtSn03B-aaeEHuEe_xtsmsg&sig=Cg0ArKJSzKF72Eg9cfV2EAE&urlfix=1&adurl=

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7666 54 KB
18 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75cd08b2afcdbfab5b65768fcf8bf8de863b5e53100c86da07989160a3a8075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "752 / 645 of 1000 / last-modified: 1610471675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18845
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7666 104 KB
32 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93DE 0
0 80ms
79ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJlkSgT7smzY8jtFBw8kIdgGSO3ghXDHlQexbvkmV_dyXYrMA-lofr717HT81ZSRTiQC4O6ZewfAnTDUy7As80nYiDZYK6uIinxJB01dbJ2L8woiCXvPA9FjR31yAEil6iDHOWp7eEBoxwAnAF3Kh-W_bPYy8PumGTKmOXuVSbDoK4fzP1icfkOzxWuQc1MRiPDEMjUxeNO9gFBodqMz3v9IBMiCiUn10JxQ-Fyp5yVnSkCNt9W05As2mgdYxr4qXcIdkiE1Eh8yCvRUiodAcGHMSA8jQr2IoCCaXRet9f4dqFEjI11JkWMII&sai=AMfl-YQYy7nRK9hCL1yCMuZKhfNEezcY7WFGHvvkwlfkzKteEkMn0oLs_RAjKWibysyomIFpvQzDNmT8uLoTXae0JkIICjf7mojoD3BUiknMb9p9ZVsxM5xMivfkveDDPXs&sig=Cg0ArKJSzB7I99SqUbt6EAE&urlfix=1&adurl=

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 93DE 54 KB
18 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75cd08b2afcdbfab5b65768fcf8bf8de863b5e53100c86da07989160a3a8075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "752 / 650 of 1000 / last-modified: 1610471675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18845
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93DE 104 KB
32 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/bC0cFERcwrj5m1LJ-ov3sig9jWwtHuPI4jSPPk8y8q_RsoI5B_Mq/code/js/ 1008 B
933 B 133ms
50ms XHR
application/json 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/bC0cFERcwrj5m1LJ-ov3sig9jWwtHuPI4jSPPk8y8q_RsoI5B_Mq/code/js/1?b=0.6962155820474332
Requested by: Host: cdn.wickplayer.pro
URL: https://cdn.wickplayer.pro/player/thewickfirm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0495b786daa29a55066f7f06d3cbe09fd5fa0fd027748fb64e5343f80225f3e3

Request headers

Accept: */*
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
server: nginx
srvb: 127.0.0.1:8082
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
srvf: 78.140.185.32

POST
H2 200 widget-page-view
rd.speakol.com/api/v1/push/ 0
0 201ms
186ms Fetch
application/json 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.speakol.com/api/v1/push/widget-page-view
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H2 200 config Show response
recommendation.speakol.com/api/v2/recommendation/ 2 KB
1 KB 142ms
128ms Fetch
application/json 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation.speakol.com/api/v2/recommendation/config?wids=wi-6295&uid=undefined&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4584668cc75dc96ae15443837984efed324e55ecf14eb1965a6a6e6ddaeb923

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://saudigazette.com.sa
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
cf-ray: 6108c2da59e0980e-FRA
access-control-allow-headers: Origin, Content-Type, Set-Cookie, Cookie, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
cf-request-id: 0799581c740000980e3a83f000000001

GET
H2 200 recommendation Show response
recommendation.speakol.com/api/v2/ 19 KB
3 KB 209ms
195ms Fetch
application/json 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation.speakol.com/api/v2/recommendation?lang=en&wids=wi-6295&pid=undefined&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&uid=undefined&ref=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee6d03ecd8b721a9804143ace1344f549acfcdb83f3702fe86b2ecea6e1364b5

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://saudigazette.com.sa
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
cf-ray: 6108c2da59de980e-FRA
access-control-allow-headers: Origin, Content-Type, Set-Cookie, Cookie, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
cf-request-id: 0799581c730000980e0e322000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78dafd59eecc29afae08db19af418d2dc63be0cb57ca28670bd8aea964dc97d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FaDnIu5BZIVSlJIVBhrP/A==
cross-origin-resource-policy: cross-origin
expires: Tue, 12 Jan 2021 18:00:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: iiTKyC3kOdvhEygyQFktanECYrbFr+tryS1iZzMfE0TLZocLv2o/AqK2lE1oDTYHZ2X8kHQ4AnPCz5z7Z5otxg==
x-fb-trip-id: 1527350943
x-fb-content-md5: f56247815298778005661ec0cc04fe94
date: Tue, 12 Jan 2021 17:57:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "82b8dd12670fe1a371925aa20198abb5"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 em.js Show response
me-ssl.effectivemeasure.net/ 378 B
755 B 57ms
6ms Script
application/javascript 2600:9000:21f3:6e00:b:3c99:a880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me-ssl.effectivemeasure.net/em.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6e00:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 11:58:01 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 194379
etag: "4101041d9fe2bb2666de1f78999a027a"
x-cache: Hit from cloudfront
x-amz-version-id: t7PdnOqmxGUTf0a_jPpkk1ZsC1D98ALI
cache-control: public, max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
content-length: 378
x-amz-cf-id: a-rdInjb6TkJtkGYb2GC_tInT76W7i_uow55RrN1_myHNQ5gFSwUUg==

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 101ms
32ms Script
text/javascript 143.204.93.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-55.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 9134572
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: euAAn2_iu7q5LgVx2pXBxL6FB1KzkakF4DHoNbeCcmo5URp19_tDXA==

GET
H2 200 wigo-no-slot
sync.teads.tv/ Frame 49C1 0
0 155ms
88ms Document
text/html 184.31.88.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 325
expires: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 12 Jan 2021 17:57:39 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 172ms
88ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=640-for-4104&ts=1610474259593&env=js-web&pageId=29098&pid=106773&auctid=c38a4d88-64fa-409b-8407-0763968c904e&f=1&debug_metadata=wb&referer=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 183ms
99ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=c38a4d88-64fa-409b-8407-0763968c904e&pageId=29098&pid=106773&fv=640-for-4104&ts=1610474259596&f=1&referer=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 231ms
146ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=c38a4d88-64fa-409b-8407-0763968c904e&pageId=29098&pid=106773&fv=640-for-4104&ts=1610474259606&f=1&referer=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DF9A 275 KB
97 KB 54ms
54ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7666 275 KB
97 KB 62ms
62ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 93DE 275 KB
97 KB 58ms
58ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H2 200 dac.min.js Show response
dac.forkcdn.com/ 5 KB
3 KB 165ms
37ms Script
application/javascript 2600:9000:2190:b800:3:3133:8480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.forkcdn.com/dac.min.js
Requested by: Host: vibecdn.forkcdn.com
URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b800:3:3133:8480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7546573935094a263d1cd3b3d2c0709eaa9288debd2b01c07f34fd62881e8743

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 21:44:05 GMT
content-encoding: gzip
last-modified: Sat, 25 Jul 2020 06:36:55 GMT
server: AmazonS3
age: 131631
etag: W/"54f1aaeda94d5d6df8f35608960664e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: k53fOCTSM_O6kIFuhXJPjTqUgFy4QF-5CJwr1w2mCkDPNqwFfsSU5g==

GET
H2 200 client Show response
api-cengine.forkcdn.com/ 3 KB
2 KB 323ms
292ms XHR
application/json 2600:9000:2156:ae00:18:757a:bc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cengine.forkcdn.com/client?url=https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&device=Desktop&product=vibe
Requested by: Host: vibecdn.forkcdn.com
URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:18:757a:bc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 / Express
Resource Hash: 3378598a269e339d5d77453f970369d71f7bc6403c84f83dee2d475b8bfe958f

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
etag: W/"c93-mJ3LinLSRvuVRinoXZrZJGQ1UN4"
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: COImuSqfIeSWV_k2E22ue5qpxK2q43iLZ6d7Ng9WlVl2j9FZuREACg==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 getPublisherConfig Show response
analytics-vibe.forkmantra.com/inarticle/v2/ 171 B
574 B 566ms
473ms XHR
application/json 2600:9000:20e8:5a00:1e:a814:d680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-vibe.forkmantra.com/inarticle/v2/getPublisherConfig?publisher_name=saudigazette&is_device=false
Requested by: Host: vibecdn.forkcdn.com
URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:5a00:1e:a814:d680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 9634ddc2af07d7a7e0f40feb3a95fc8ad13dcb7f4c76d62ee5b904b3c785ac5e

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: TXL52-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 171
x-amz-cf-id: YBGUWXRQkEe1KKPnHrRZ4cGm3C7W9OqSsa5D_CX4sl0pqlsqLt_dfA==
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 103ms
35ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26916
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 601690 Show response
saudigazette.com.sa/ajax/article_count/ 45 B
523 B 144ms
144ms XHR
text/html 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://saudigazette.com.sa/ajax/article_count/601690?ts=1610474259685

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

f447ee6a813e5436967120793f69424c882828239af43be217b497667021bc54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-cache: BYPASS, BYPASS, BYPASS, BYPASS
content-type: text/html
x-sucuri-cache: BYPASS
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5028a337c496a5f877fa7e853b221067&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f08d23afd10a2bc1acf528485e89fbae9c6c48d774287c592f1bcbfcac13cacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WFWuLI954X+IFI1rGLJQqA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60131
x-fb-rlafr: 0
x-fb-debug: 7i+6/1LNP+xru0mkmZFkmXKaWk9u7BhtZvcmdvifJtIQmOsFRZ+c3OhozRyWmOwmRVLN/qyTTw4oOG0i4nZd4Q==
x-fb-trip-id: 1527350943
x-fb-content-md5: fc0b4f9ac06f5cb936c844e78780fd68
x-frame-options: DENY
date: Tue, 12 Jan 2021 17:57:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d95f41e63936eabd989a1488cacdd0af"
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:20:46 GMT

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 38ms
37ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1610474259692.1023&type=INIT&placementId=bC0cFERcwrj5m1LJ-ov3sig9jWwtHuPI4jSPPk8y8q_RsoI5B_Mq&tagId=DtL30HNTMM9fRIcBkGfLKIMi5fEtC1VBP5uneykeBQHcSp6LFWVB&vtId=ccKyzwSYCdZeAuWASgNRQP_tW449Se9FePz6X79gc16h4cq0g9cy&message=&u=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&t=174&v=78.fw&p=GLkiWgfGNEmw10TpTYQv0ASghedG3DFeObqYfYF5MoC0dkCVApOB&width=830&z=p%3Apl%3Bv%3AinPage%3B&r=0.9131490778658664
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://saudigazette.com.sa
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.32
content-length: 35

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.wickplayer.pro
URL: https://cdn.wickplayer.pro/player/thewickfirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111353
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:39 GMT

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 132ms
53ms Script
application/javascript 65.9.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1610
Requested by: Host: me-ssl.effectivemeasure.net
URL: https://me-ssl.effectivemeasure.net/em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 458906
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Thu, 07 Jan 2021 10:29:14 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WnGF42PTj3fhPz9E-5K23UX456EVW5e7lTv-ZyfkuPnnhX15pq1pUg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 131ms
47ms Image
image/gif 13.224.94.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=The%20realities%20of%20ransomware%3A%20Five%20signs%20you%E2%80%99re%20about%20to%20be%20attacked%20-%20Saudi%20Gazette&time=1610474259728&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&random_number=11443130187&sess_cookie=53720352176f7bf0510f780d393&sess_cookie_flag=1&user_cookie=53720352176f7bf0510f780d393&user_cookie_flag=1&dynamic=true&domain=saudigazette.com.sa&account=hOrcu1DlQy20Y8&jsv=20130128&user_lang=en-US
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-113.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 19:20:02 GMT
Via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 81458
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: m3KPFxx916m-09aydZ0YMBNYRWtv64Zgusl00bGcfE5rJAQeaICiXw==

GET
H2 206 t.mp4
serving.stat-rock.com/player/video/ 3 KB
3 KB 119ms
51ms Media
video/mp4 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/video/t.mp4
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 12 Jan 2021 17:57:39 GMT
last-modified: Thu, 20 Sep 2018 14:11:16 GMT
server: nginx
etag: "5ba3aa84-afd"
content-type: video/mp4
Content-Range: bytes 0-2812/2813
cache-control: public, max-age=31536000
Content-Length: 2813

GET
H3-Q050 200 index.html
storage.googleapis.com/vendo-gcs.mmpww.com/jwplayer/ Frame 95C8 0
0 52ms
37ms Document
text/html 2a00:1450:4001:824::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vendo-gcs.mmpww.com/jwplayer/index.html?r=25952552
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/vendo-gcs.mmpww.com/libraries/mmpww_core_jw_1.js?r=25952552
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /vendo-gcs.mmpww.com/jwplayer/index.html?r=25952552
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

x-guploader-uploadid: ABg5-UyN03UvPTpXbnI1dbX0Xg_dXsk04GUx4nSq1ek_iOe0H1AWDAkuhntNiTjJMYWd_TnYfqVoIsi_vJG2vdGmRJy6X_fMVw
expires: Tue, 12 Jan 2021 18:57:39 GMT
date: Tue, 12 Jan 2021 17:57:39 GMT
cache-control: public, max-age=3600
last-modified: Fri, 23 Oct 2020 06:43:08 GMT
etag: "252e386206154c4366a8933ed4b80b0e"
x-goog-generation: 1603435388466522
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 537
content-type: text/html
x-goog-hash: crc32c=7jegOA== md5=JS44YgYVTENmqJM+1LgLDg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 537
server: UploadServer
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DF9A 109 B
130 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=saudigazette.com.sa

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF9A 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saudigazette.com.sa

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DF9A 78 KB
25 KB 416ms
416ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2887867232663931&correlator=4111309524557471&output=ldjh&impl=fif&eid=21065645%2C21068773%2C21067257%2C21068810%2C21069716&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210112&iu_parts=27367402%2CSaudiGazette_Desktop%2CBusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&eri=6&cookie=ID%3D60855caf8acbe7b9-2244c3618bb9004c%3AT%3D1610474259%3AS%3DALNI_MbosfrnMk5yCXwqbMZ6q2vtp1yfnw&cdm=saudigazette.com.sa&bc=31&abxe=1&lmt=1610474259&dt=1610474259794&dlt=1610474259444&idt=340&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1734375648&ucis=xbe2jr5s0ocz&ifi=1&ifk=1354036810&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&top=saudigazette.com.sa&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=65631350.1610474258&ga_sid=1610474260&ga_hid=2127702098&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4bed3489cb87663b844517fa77aa2011854222533ba8eb716d31515a723cb619

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/314174240111849299/970-x-250-dk-dish-3/index_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/314174240111849299/970-x-250-dk-dish-3/index_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfytpH8lu4CFUfTEQgdZ-AKVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/314174240111849299/970-x-250-dk-dish-3/index_970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/314174240111849299/970-x-250-dk-dish-3/index_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/314174240111849299/970-x-250-dk-dish-3/index_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfytpH8lu4CFUfTEQgdZ-AKVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/314174240111849299/970-x-250-dk-dish-3/index_970x250.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24612
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 12 Jan 2021 17:57:40 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DF9A 0
0 62ms
27ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DF9A 0
0 36ms
20ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 505B 180 KB
50 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443126
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:52:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 505B 13 KB
5 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443889
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:39:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 505B 90 KB
27 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6688
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 505B 3 KB
1 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6688
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 505B 41 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6688
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
DATA 200
OK truncated
/ Frame 505B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7350d27f0fdd07b80b79cd8088aac0876797a6dcc0fc5631854762149240f099

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 17740078715885588396
tpc.googlesyndication.com/daca_images/simgad/ Frame 505B 47 KB
47 KB 11ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17740078715885588396

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3c028a3b46161b978a152d706336da8f0a5eab56aa850b34d348abb39e472f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 06:01:26 GMT
x-content-type-options: nosniff
age: 388573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48051
x-xss-protection: 0
last-modified: Wed, 26 Jun 2019 18:08:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:01:26 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 505B 2 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 66192
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 12 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 505B 295 B
389 B 9ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 72258
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Jan 2021 21:53:21 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 505B 0
0 60ms
58ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck6bfE-P9X5X8F4ymx_APw6CRuA-Dk6S5YI6lj8K7DNvZHhABIILn5DJg0YG5gtAHoAHI7-qFA8gBAqkCzfKkJzTphT7gAgCoAwHIAwiqBMgCT9Bx7m6uD2OSfRmSDsOWNIRWeF-20P6yeehBipYLuT_0QRY6pYsrIYNtvhu322N37PEHkN1j-W0ZcYJjJAiBy9X9a9KeEcf3U_ba663Dpl7r8LfAus8sPNB02qN29cd3BtdGQQY5R_tjiVB5hBBQumAR5bN_XnMyhCVmlgVBob7iSErpQvAUd-0m-ssBJxvUHNSrnKBBfhGXyGMeMKdwoPvJD92Hab5A5RDLZomvC8VowSUHscoOle9lL-uCnpRfKC3wYwrm8h6qJaLM0sglhQQKp289D1FIaEDWiZOSjiP5CJjEtw2A9OUzwGQl1XrThd7pU9ohaEwOfK1PTIDz-6N6Uqh-HczV4Rvkuk4ECntY8Ez359LSgwdoO4Sc95KtE0YXAGLr7VfMJbZmX9NrSVkdsTpceIvpid9pm1x7neVqTGNeoKjzucAEjOfvx40C4AQBkgUECAQYAZIFBAgFGASgBgKAB6CQlXqoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDyyh_SCAkIgOGAcBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMTU1ODc5ODQ3MTI3MTE4Mg&sigh=AZn5I2lZYI0&tpd=AGWhJmuaa7yB_qTvMqCniKyqwtv8fVXDo1iwhlssC1zeEISjwg
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 93DE 109 B
127 B 22ms
22ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=saudigazette.com.sa

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 93DE 109 B
127 B 22ms
21ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saudigazette.com.sa

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 93DE 46 KB
11 KB 365ms
364ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1046352756845709&correlator=3039738347841577&output=ldjh&impl=fif&eid=21068773%2C21068812%2C21069716%2C21065724&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210112&iu_parts=27367402%2CSaudiGazette_Desktop%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=6&cookie=ID%3Daf138506d171bb2c-229fd7708bb900bd%3AT%3D1610474259%3AS%3DALNI_MYKO9zebOsqxk7KXVaBeIzT-w8mOw&cdm=saudigazette.com.sa&bc=31&abxe=1&lmt=1610474259&dt=1610474259899&dlt=1610474259452&idt=430&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2521754550&ucis=ki5xp2499p6a&ifi=1&ifk=1941438727&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&top=saudigazette.com.sa&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=65631350.1610474258&ga_sid=1610474260&ga_hid=238045239&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0e3e251601f7a939e140f3c611f38750f7cae5e0c0d8ea945449238886e55274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11451
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 93DE 0
0 30ms
15ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 93DE 0
0 9ms
7ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7666 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saudigazette.com.sa

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7666 51 KB
11 KB 372ms
372ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4124413925368160&correlator=4105759164347241&output=ldjh&impl=fif&eid=21066030%2C21068773%2C21069143%2C21069724&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210112&iu_parts=27367402%2CSaudiGazette_Desktop%2CBusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=6&cookie=ID%3Daf138506d171bb2c-229fd7708bb900bd%3AT%3D1610474259%3AS%3DALNI_MYKO9zebOsqxk7KXVaBeIzT-w8mOw&cdm=saudigazette.com.sa&bc=31&abxe=1&lmt=1610474259&dt=1610474259932&dlt=1610474259448&idt=476&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2884593256&ucis=57qv70fhpyna&ifi=1&ifk=3513369792&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&top=saudigazette.com.sa&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=65631350.1610474258&ga_sid=1610474260&ga_hid=212482851&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3a44aeae2ed87d0d988bafeaa85acc15aa7456448859e41c338b13cc92995b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11414
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://saudigazette.com.sa
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7666 0
0 43ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7666 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 event_log_metrics_videos
europe-west2-mmpww-vendo.cloudfunctions.net/ 2 B
337 B 316ms
280ms Image
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europe-west2-mmpww-vendo.cloudfunctions.net/event_log_metrics_videos?guid=e610f1b0-d7db-11ea-8880-d9db59eed07a&t=1610474257&r=738146&e=vendoImpression&s=success
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
x-cloud-trace-context: 385d5d0a7726ed58abaf6ff7b9b519f1
cache-control: private
function-execution-id: aswnj55f9hw5
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22

GET
H2 200 blank.html
dac.contextads.live/ Frame 3C35 0
0 39ms
7ms Document
text/html 2600:9000:206f:400:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&amp=false
Requested by: Host: dac.forkcdn.com
URL: https://dac.forkcdn.com/dac.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:400:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: dac.contextads.live
:scheme: https
:path: /blank.html?url=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&amp=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

content-type: text/html
last-modified: Fri, 28 Aug 2020 06:49:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 11 Jan 2021 17:58:39 GMT
etag: "ff5bdb7e1e18201b8bd4ce4ab969bd0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: uGmx9oA4hJJ7i0WISbraSvYhiCEK-7ePkrLc9BuKzfTqEccJ4kTbmQ==
age: 86342

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1

143 B
742 B

56ms
55ms

Script
text/javascript

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-24-244.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

fbeed654f195bb1da904b37b2205d7651b40a90d1a39969dd4d025919d876a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 136
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1610474260016_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 speakol-appends.html
cdn.speakol.com/widget/html/ Frame BB2D 0
0 55ms
15ms Document
text/html 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speakol.com/widget/html/speakol-appends.html
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.speakol.com
:scheme: https
:path: /widget/html/speakol-appends.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __SPK_UID=a92912f3-54ff-11eb-8083-d2d28308414d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-type: text/html
set-cookie: __cfduid=d03e7610048eb7e225907ab3feaa164931610474260; expires=Thu, 11-Feb-21 17:57:40 GMT; path=/; domain=.speakol.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 01 Jan 2021 18:02:04 GMT
x-cache: Miss from cloudfront
via: 1.1 337ca2c1f0c98d8fc6d4b167878fe4c3.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C2
x-amz-cf-id: TBvYNzmwByzZlOoaBLlgpOP0Xh8QFV7WxfaAlrj1eE5Hvp1lX0WIQw==
cf-cache-status: HIT
age: 4757
expires: Wed, 13 Jan 2021 17:57:40 GMT
cache-control: public, max-age=86400
cf-request-id: 0799581ec10000980e0e344000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6108c2de0c9a980e-FRA
content-encoding: br

GET
H2 200 rec-speakol.png
cdn.speakol.com/widget/images/ 4 KB
4 KB 59ms
18ms Image
image/webp 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.speakol.com/widget/images/rec-speakol.png
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fffacdc62dcfc89db55fd30159d36d65bd7dec9d73871136df6ed8d77cc8148e

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
via: 1.1 a0fe1039294d0869a0a4148110d3c48d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1196
cf-polished: origFmt=png, origSize=6420
x-cache: Hit from cloudfront
content-disposition: inline; filename="rec-speakol.webp"
content-length: 3914
cf-request-id: 0799581ec20000980e2b8be000000001
last-modified: Thu, 12 Sep 2019 14:55:40 GMT
server: cloudflare
etag: "a16a6aed0224741da06e724b5a4abea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 12 Feb 2021 17:57:40 GMT
cache-control: public, max-age=2678400
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
cf-ray: 6108c2de0c9b980e-FRA
x-amz-cf-id: mkfI2N9v_a7pzd3-42FSwJHdqLO9dwDB1v9sRDuYvrnBm8XEcfWz9w==
cf-bgj: imgq:100,h2pri

GET
H2 200 1609939143_28885
cdn.speakol.com/media/prod/75e17b4889d52c8b277ade04d0ac2f95/4950/ 63 KB
64 KB 61ms
20ms Image
image/jpeg 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.speakol.com/media/prod/75e17b4889d52c8b277ade04d0ac2f95/4950/1609939143_28885
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5b56086f66e68940f389d1d4e891aed58df556648dd64f83d51393075263b3

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 534401
cf-polished: origSize=67441, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 64590
cf-request-id: 0799581ec20000980e0423e000000001
last-modified: Wed, 06 Jan 2021 13:19:04 GMT
server: cloudflare
etag: "06c1f151cd53af95fc924d02cbbc08c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 19 Jan 2021 17:57:40 GMT
cache-control: public, max-age=604800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 6108c2de0c9c980e-FRA
x-amz-cf-id: e-I4e-lRNA5Sp5MjO8BD6H-AJ97gpJpvlcAFj_kAtl_HhoB81edR7A==
cf-bgj: imgq:100,h2pri

GET
H2 200 sponsor.png
cdn.speakol.com/widget/images/ 2 KB
2 KB 60ms
19ms Image
image/webp 2606:4700::6811:a755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.speakol.com/widget/images/sponsor.png
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e316e21e94db093c25e74a8e510e124fb7f805943fa2f2e5f3738636d70fb191

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
via: 1.1 976d678772d12ef1dc632cc293efa4f5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4069
cf-polished: origFmt=png, origSize=3349
x-cache: Hit from cloudfront
content-disposition: inline; filename="sponsor.webp"
content-length: 1600
cf-request-id: 0799581ec20000980e20325000000001
last-modified: Thu, 12 Sep 2019 14:55:40 GMT
server: cloudflare
etag: "c3f586616268e8e0ba61d6d7c327d205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 12 Feb 2021 17:57:40 GMT
cache-control: public, max-age=2678400
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
cf-ray: 6108c2de0c9d980e-FRA
x-amz-cf-id: XkAJE7yNtdELHQH-u3WpIdSdxdJ8IH66Z4ljbeVyCyezYNkLJecW9w==
cf-bgj: imgq:100,h2pri

GET
H2 200 1725539.jpg
saudigazette.com.sa/uploads/images/2021/01/11/ 114 KB
114 KB 74ms
34ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/11/1725539.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

406d59d0b5c900ec537c56d673eb4698d03f92dce4c515cc07628d00e073d59f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 116374
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 11 Jan 2021 09:02:48 GMT
server: nginx
etag: "5ffc1438-1c696"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725249.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 145 KB
146 KB 79ms
39ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725249.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

97455a649402b636fdd112458b908305d64ed9af2701f257442d19876aa54707

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 148640
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 14:33:01 GMT
server: nginx
etag: "5ffb101d-244a0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1724827.jpg
saudigazette.com.sa/uploads/images/2021/01/09/ 139 KB
139 KB 89ms
50ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/09/1724827.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

8fb6c27208546bd87cbaa0769365f4aa356000a1650b6ce179120b7458e7d3c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 142112
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sat, 09 Jan 2021 16:08:24 GMT
server: nginx
etag: "5ff9d4f8-22b20"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725298.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 119 KB
119 KB 89ms
50ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725298.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

01805fdfdd37b6640a0c30cdfdb620b707eca4407a8b4ab3c587579be0d1c4d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 121512
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 17:37:03 GMT
server: nginx
etag: "5ffb3b3f-1daa8"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725429.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 189 KB
190 KB 89ms
50ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725429.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

efd9264760b8efd2eb85c4df77ac6d1d80acb75a0c48acd3248dfa08ae95e697

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 193746
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 18:56:01 GMT
server: nginx
etag: "5ffb4dc1-2f4d2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725152.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 196 KB
196 KB 89ms
50ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725152.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

80efdd910d7eaa64503599b88eff5a652f187000a277e831e346d97dcfa2a079

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 200252
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 10:27:56 GMT
server: nginx
etag: "5ffad6ac-30e3c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725117.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 142 KB
143 KB 56ms
51ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725117.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

71b1a56375c21cf2035ae9747530b59d283bcb6e96f56696df5600f31e64aae7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 145829
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 08:12:11 GMT
server: nginx
etag: "5ffab6db-239a5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1725520.jpg
saudigazette.com.sa/uploads/images/2021/01/10/ 67 KB
67 KB 56ms
51ms Image
image/jpeg 192.124.249.107
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saudigazette.com.sa/uploads/images/2021/01/10/1725520.jpg

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.107 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10107.sucuri.net

Software

nginx /

Resource Hash

3fa09f4cdbdbfb76efd1e5d6b981c1747f8a15826f034292801d1a0d83b3cb56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 68520
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sun, 10 Jan 2021 19:42:26 GMT
server: nginx
etag: "5ffb58a2-10ba8"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 505B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

62ms
62ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF9A 0
0 181ms
100ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulRzA6gGdiWUeoOgfKiC1MLxwbkWlMsYk8qex0iP3zYffjyyuRczfodNPi503-NT2ietdJYUPF0Mee4VrtrjsjpFNOb5n5L0qZAXK0Y5beE_aFF05X-DMto4OzddEGYbqCHTpbZZqa3a6BjGs_mEu6F-cJJr8Ns_RBmVRV_DwJ2gvT_ekjVT2l3zQERQdw2x_UB64x_BlDMrpNbJpeQFHpzFENq23xHyHvVL7IhSgB8K_BmQW8cvmppHyNyHRVgKzTH_X5w3oVara2E6RLMsEBxU9GrpzoWFSdJFNtc2Jr6mQtv99z2dRyUjPylDDN3w&sai=AMfl-YTIRQQ2v0YHNpY5VvGm47GcgUL4lN4GUakESANjGRCifkyy5akJzPNxjM91gT5JdtAiR6XhU68-UsGMUYwDMZDdoACJGCsGkyzCynP0G1vzzjidWuo3uXJz4_tjWOE&sig=Cg0ArKJSzIsddrRQDq0CEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93DE 0
0 177ms
100ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK_QsGxzY_fCnpOkD7hSsFhTjJ6OtAOIY3_ybvBPLtjbREF7uFN4x_6JsGYObCg2F5WeXKrjqRCfOhnzb_A5kZ7EAhTJI1E5NaFhh6UFxKjbRs7XG2U0ISWC_txFfZbJ8-rJhhEGcVEWl3b_qAki_jRkcOWlxW_v9huboIZT_aC7oH9uBGs9NMYIrhvQEub_1ds_snzSDOxH6e8QvNazJjtrqpFFcotBy7cmz9NE_D07puFcrxo51fig4bQhx7u9tMp4dLGSRZ1WpLCSKXT4lXc9u0fqfldxS9Yh4_cBc0di-PzsX3nfFlKVoX3A&sai=AMfl-YQ4XC8dkxCu3u36LwoMS3ZZOcYlvW6pgAIb-b8HkbczoaODE6xQW8YE1iuIIfbhRx50epTt1YJCgGVks4veNZyzIW0SEsoHCMymU4YSr4y-k1BtJtZ-gSLFS7H1tfA&sig=Cg0ArKJSzOeTU1zWeIZUEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7666 0
0 176ms
99ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVByXV5wkaic7FW5Upn07kF6XMyXcIiYSSEcvn1YuNw8krzGTl1b1IT7v_XR7qgKc3Wu1CO01-z1b5DK-iwAEug-fZytNMOsP9Y7w2z_VGsvdVfVh4MeGZp3Tj2IA44HHpLS5D3braLboPOs_b9aUIlvGrCWVjmDfsl98kfEekmI8X-EBeS8yp2GpQUU10IIKRYT1euSWxyIM8dVilDJSAfGEWDmaliYYb9gd6OVhMezbyNoXglwEISEDs8P1ZidwR5_9rVyNxU5CyHQfP4xifaCZvXDFE5VDgpRdXVEST460T99_5NPzcZK_MKHrYBrQ&sai=AMfl-YT6EGEk-vRZYwoouthY71Kb1Tjo47gwCwub-POqUKM6Or4q7-723cf7Zd9CYzLN4MNHUbSUMRCyej0CV65hIrMf5s0M_zwFqmASJXcnQcJb1-GFPHGKIgyTJhQBvRQ&sig=Cg0ArKJSzJer0r3ykM1REAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 17740078715885588396
tpc.googlesyndication.com/daca_images/simgad/ Frame 505B 47 KB
47 KB 8ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17740078715885588396

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3c028a3b46161b978a152d706336da8f0a5eab56aa850b34d348abb39e472f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 06:01:26 GMT
x-content-type-options: nosniff
age: 388574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48051
x-xss-protection: 0
last-modified: Wed, 26 Jun 2019 18:08:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:01:26 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 505B 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 66193
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 12 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 505B 295 B
325 B 11ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 72259
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Jan 2021 21:53:21 GMT

GET
H3-Q050 200 container.html
d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B589 0
0 80ms
66ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 12 Jan 2021 17:57:39 GMT
expires: Wed, 12 Jan 2022 17:57:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK asyncjspost.php Show response
wtf2.forkcdn.com/www/delivery/ 8 KB
3 KB 952ms
283ms Script
text/javascript 139.162.26.143
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://wtf2.forkcdn.com/www/delivery/asyncjspost.php
Requested by: Host: vibecdn.forkcdn.com
URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.26.143 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-139-162-26-143.singapore.nodebalancer.linode.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.19
Resource Hash: 1c73fd2454168b9d3ba915aeac08bbccd7aff3dcb4b08a29df4916abdd1c5331

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 17:57:32 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: close
Expire: Tue, 12 Jan 2021 21:57:32 GMT
X-seq: 1

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 6C4B 180 KB
51 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443127
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:52:13 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6C4B 13 KB
5 KB 41ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443890
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:39:30 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6C4B 90 KB
27 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6C4B 3 KB
1 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6C4B 41 KB
13 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6C4B 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 66193
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 12 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6C4B 295 B
320 B 6ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 72259
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Jan 2021 21:53:21 GMT

GET
H3-Q050 200 16173548980753289152
tpc.googlesyndication.com/simgad/ Frame 6C4B 18 KB
18 KB 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16173548980753289152?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkM2rN-Cfh_csrMSR7Ch6drQ_r9eA

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d909dc082ed1458000f25d33667a6d0dbe76388a93dc06f1dbf4d494ac9405d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 08:09:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 09:55:03 GMT
server: sffe
age: 380883
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18179
x-xss-protection: 0
expires: Sat, 08 Jan 2022 08:09:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6C4B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrUUtW2udthLGaUyuYZsJ0QS6qIrDicO9COvYARX-A4ay-4mi0b5-iBw63SocPyHQhhW7v
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6C4B 0
0 87ms
86ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH4mIE-P9X6PZOqSc-gbgjLSAD8yQwZlg89SpodkMn4O649cCEAEg94KBLWDRgbmC0AegAY-hhOwDyAECqQK2YGjygF-0PuACAKgDAcgDCKoEwAJP0MIpnvuvNrzsVo7freShBdlB8U02wTTrnUIcQUSWbQyftGSn6mz3GoMjjRZT45L4ATo1_UICNoc0ARL9QGLka_dCmhs-Wr5jCVHKMjnE1Af1VHEMwTLhS_dT8dHHpaK6LaitLAkaLWFvgsrdQwVK6v0OT330HIOUnRqVveisyjuqjkIizRCfULMk05TsinMP3-VfvcgEmC_f35gyxIKu7leD3XWG-YdiQF_7868_s9F0S3VlwH86Lg57oT8yOVDv_-E2CROgt4glnJRJZ_FPwrd43rCd_rdKU4pGkl6mkIQze6HocMaWnHf0Uo_up_qQany2y7DohgoULFfV9dq723dvL-uhXvSQT5oqHaYJ8RFDegP8V9Kz2xLTGd_A7wom8WsTgMTqud6W_QXf_5gcGWXPHkEeyFN9mHgFDoC6McAEuLqX_qoD4AQBkgUECAQYAZIFBAgFGASgBgKAB9ne-xOoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCw2gXSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTI2NDA4MDg0NDYwMDA3MTCACgPICwHYEw2yFxoKGAgAEhRwdWItMzk5MjM5MzA1NjE2NzUxNQ&sigh=HBuAgARq_RQ&tpd=AGWhJmsFe51_MVCCLiK7qXFV6C3BYY8c-vr9SwTogLdc0K_7xw
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93DE 9 KB
7 KB 84ms
70ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

163e0d1a0827b138d2d6e9cf459dc2b75b0e28ec3b0089d43d74ad6c713936ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6805
x-xss-protection: 0

GET
H3-Q050 200 container.html
fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B5B8 0
0 74ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 12 Jan 2021 17:57:39 GMT
expires: Wed, 12 Jan 2022 17:57:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF9A 74 KB
28 KB 54ms
49ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF9A 9 KB
7 KB 54ms
51ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf80e4f21ca236ecec40b47be7c3c2c74be172a8b1502c8bad8a11510cb70c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6803
x-xss-protection: 0

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 3760 180 KB
50 KB 75ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443127
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:52:13 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3760 13 KB
5 KB 50ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 443890
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 14:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:39:30 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3760 90 KB
27 KB 51ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3760 3 KB
1 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3760 41 KB
13 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 12 Jan 2021 16:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 16:06:11 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3760 4 KB
651 B 63ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:49:10 GMT
server: ESF
date: Tue, 12 Jan 2021 17:57:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3760 4 KB
651 B 73ms
27ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 17:44:48 GMT
server: ESF
date: Tue, 12 Jan 2021 17:57:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3760 2 KB
2 KB 17ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 66193
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 12 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3760 295 B
320 B 20ms
10ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 72259
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Jan 2021 21:53:21 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10677082619850922448/ Frame 3760 25 KB
25 KB 20ms
11ms Image
image/jpeg 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10677082619850922448/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qnD5M4IHzNli5VCUYS96A8Y7Ttvww

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f6ce2d7c9dfacf71e711e203b5ec13ae8d4de9ca0569e159f8917f8d6e59e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 20:57:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Aug 2020 07:30:51 GMT
server: sffe
age: 75583
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25971
x-xss-protection: 0
expires: Tue, 11 Jan 2022 20:57:57 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14885163783912385153/ Frame 3760 7 KB
8 KB 19ms
11ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14885163783912385153/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qkVRZxpfykvJbZkHOKQE6_l8PO9-g

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372babe9a423bc48c73277d43a1ce39e02ec0a9daa2c9ffa8a1603215d00b187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 07:00:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 18:37:29 GMT
server: sffe
age: 125850
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7653
x-xss-protection: 0
expires: Tue, 11 Jan 2022 07:00:10 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3760 0
0 100ms
91ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5F9wE-P9X5-_PNqZ-gaW6pDIC-y2ufBgr92G06sMiLqy_bMhEAEg94KBLWDRgbmC0AegAa6SwMsDyAEG4AIAqAMByAMKqgTDAk_QKIZCgo0bIuNV_Tm7sWGaI8Lg3wh2GLSdzchQv-JVhW0eEOisKyn_oBugzV1aod3X97veNMEM5rdbbLfdvw3Hvz7VJjt1K2nZqhpHGD2cp7MB7-iq2Cz3IUpCBtTVtICSRdPeUB39ftm0aQlu_o9HFIYJvSIfjcXkdK60YKhiM9uJAZNKvni6hM3G3Fs5WGnO7dF0ZQKAaYPXNTunEkU2FDIVES79fptZRxy4YG_mquPYqp253h9ahOUE_YLKL_AipAaatfBlTqr7kLzYnBlYfh5ThmVef5oEvPqyz4Z2qB9qPk5Is022vTAuQFabFboevqEq-0kf35ZTwI5QK1QIgCtpCkWhHs0EcGI0P7L6w_VOe3C-1_Q2e0_WU3kxmQDl6iXReUOhhNXRU_xhSDhq-fGyHn-vZ3hwUpo2qZvAuu7jwASr3pmslQPgBAGSBQQIBBgBkgUECAUYBKAGN4AHuu2_NKgH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKLBFNIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tMjY0MDgwODQ0NjAwMDcxMIAKA8gLAdgTDIgUArIXGgoYCAASFHB1Yi0zOTkyMzkzMDU2MTY3NTE1&sigh=C24BdmfZqR0&template_id=492&tpd=AGWhJmvmAJHji2n1UhtZqOH2WEv34LdHm2sr0lRgO5knnhiOAw
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 3760 0
0 23ms
15ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIu8tP-4X3IV41y2tX3qMgtst07ncrd3KiBPyRhzqtTFdEFapIW1Kg8HX9VC2RdAT_KEIs
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7666 9 KB
7 KB 28ms
23ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f806da8e75cddbf008d6322c929342b37aa1c119370d4edd45c5c2e5728226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6730
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93DE 16 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF9A 16 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7666 16 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:40 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 36ms
6ms XHR
application/json 2600:9000:206f:2200:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 04:36:19 GMT
Via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 220881
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 19
X-Amz-Cf-Id: gwXK1BDcyxwt7DftEtds1VTsdF2uyfXzTRk3-VMj50h7cm21pl-QxA==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 707 B
752 B 201ms
53ms XHR
application/json 108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&vt=ca4e3e02-969a-4288-be44-8c5d48ff8630-176f7bf0764-e5a6f802
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1610
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 0484703e5b1d013287b2575d4a612fa4e5338ccba8ce1f215dbc0d4324784ec3

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 420
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 50ms
49ms Image
image/gif 108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=1&pu=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&vt=ca4e3e02-969a-4288-be44-8c5d48ff8630-176f7bf0764-e5a6f802&vi=10a39a36-b609-4a46-9584-fbec614039f2-176f7bf084f-e3618ee7&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=The%20realities%20of%20ransomware%3A%20Five%20signs%20you%E2%80%99re%20about%20to%20be%20attacked%20-%20Saudi%20Gazette&te=545&sh=1200&sw=1600
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6C4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

58ms
58ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 344ms
110ms Other 3.85.246.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Server: 3.85.246.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-246-125.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://saudigazette.com.sa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 281ms
281ms Script
text/javascript 108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1610474260016_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1610

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-24-244.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

7963f27c8649ce9963bc1873cf299c4b92c965f730de752fb2ceb5898add8225

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 110ms
110ms XHR
application/json 3.85.246.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.246.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-246-125.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 12 Jan 2021 17:57:41 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 5644 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 12 Jan 2021 17:18:43 GMT
expires: Wed, 12 Jan 2022 17:18:43 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2337
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame BB68 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 12 Jan 2021 17:18:43 GMT
expires: Wed, 12 Jan 2022 17:18:43 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2337
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 7FDF 0
0 10ms
9ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 12 Jan 2021 17:18:43 GMT
expires: Wed, 12 Jan 2022 17:18:43 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2337
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3760
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Jan 2021 17:57:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEJd7a53-0-CUFLYnM-mwQhY&google_cver=1

35 B
288 B

113ms
48ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEJd7a53-0-CUFLYnM-mwQhY&google_cver=1
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:41 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEJd7a53-0-CUFLYnM-mwQhY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

51095ffd-e314-4000-985b-997b41bd1255
collector.effectivemeasure.net/sync_webhook/mediamath/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID]
https://collector.effectivemeasure.net/sync_webhook/mediamath/51095ffd-e314-4000-985b-997b41bd1255

35 B
288 B

102ms
47ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/mediamath/51095ffd-e314-4000-985b-997b41bd1255
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: MT3 3483 e916156 master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://collector.effectivemeasure.net/sync_webhook/mediamath/51095ffd-e314-4000-985b-997b41bd1255
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 12 Jan 2021 17:57:43 GMT

GET
H/1.1

200
OK

826e9f292d28b8a019f346de11579c98
collector.effectivemeasure.net/sync_webhook/lotame/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://collector.effectivemeasure.net/sync_webhook/lotame/826e9f292d28b8a019f346de11579c98

35 B
288 B

53ms
49ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/lotame/826e9f292d28b8a019f346de11579c98
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:41 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://collector.effectivemeasure.net/sync_webhook/lotame/826e9f292d28b8a019f346de11579c98
cache-control: no-cache
x-server: 10.45.8.33
content-length: 0
expires: 0

GET
H/1.1

200
OK

5557376989509192270
collector.effectivemeasure.net/sync_webhook/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1181
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181
https://collector.effectivemeasure.net/sync_webhook/adform/5557376989509192270

35 B
288 B

92ms
49ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/adform/5557376989509192270
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
server: nginx
location: https://collector.effectivemeasure.net/sync_webhook/adform/5557376989509192270
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

8767250782314601884
collector.effectivemeasure.net/sync_webhook/amobee/
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMzg2L2NpZC8xNzQ4MjE2NzY5L3QvMg/url/https://collector.effectivemeasure.net/sync_webhook/amobee/$!%7BTURN_UUID%7D
https://collector.effectivemeasure.net/sync_webhook/amobee/8767250782314601884

35 B
288 B

92ms
48ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/amobee/8767250782314601884
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://collector.effectivemeasure.net/sync_webhook/amobee/8767250782314601884
pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 155ms
49ms Image
text/plain 52.16.29.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=narratiive&partner_uid=ca4e3e02-969a-4288-be44-8c5d48ff8630
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.29.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-29-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:40 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1610474260
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

0c2ef85f-ade7-468f-8e4c-49a44734dd2a
collector.effectivemeasure.net/sync_webhook/ttd/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1
https://collector.effectivemeasure.net/sync_webhook/ttd/0c2ef85f-ade7-468f-8e4c-49a44734dd2a

35 B
288 B

47ms
47ms

Image
image/gif

108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ttd/0c2ef85f-ade7-468f-8e4c-49a44734dd2a
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:41 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://collector.effectivemeasure.net/sync_webhook/ttd/0c2ef85f-ade7-468f-8e4c-49a44734dd2a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK salesforce
collector.effectivemeasure.net/sync_cbpixel/ 35 B
288 B 149ms
49ms Image
image/gif 108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_cbpixel/salesforce
Requested by: Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-24-244.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
551 B 101ms
50ms Script
text/javascript 108.128.24.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221610474260772%22%7D&callback=cb1610474260016_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1610

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.24.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-24-244.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

4f91c70054cc54e0f4b5927ab70db1db275cbe2cec51ea9a79aab0f4c96d3e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 95
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93DE 0
121 B 16ms
16ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=1046352756845709&bg=!0dKl0pHNAAWEbmp2hDsAKQB2-DxauqiYb-PKaqR3ytzki-CHNftLB50UEZAeGLHibzq7pDFc0NEEAgAAAQhSAAAAGWgBBwoAvu0A62QrnyfT_MGNNNQl4697Mrxe9hxBe-B2jmXp4j2k9LKWSkVB14rDGuqSS6Crrd3675RB_nsDEAvTcvMWjFZrzLGgidn8oeMExBorGHpK5gNHzm0WjUb-W-McCh4gm7QRBL_ba55as0N-dNQKJKHrwoCAnuBSXvcQaBWqjwvnsC3Or13CSWvWRjQwltic2iN50rCkFz5cD0TG0pQ1WqQCtnJPYNaR2nYwoz5yZd9fAcqciMBEw-_NuPzLK3mZAfBHR0gfco1F423MFFGSA3I8uvfyHMbF3A2X4oAs5UN5VeSZZ685FP4Zu6al9oE3qoOqI1c91mZhPNzEW0MMTJ_gBb9G6pERK_iIcw7d7x95LQigXjK9bSypbr97a-WuyqGTXRyyTRo-D-QRl2QYSfKfZBj05Emeyi4M-2XihOHOKlvocQfE57L-bPjkZuhAhsZwUZyTwW0n-RL5xN6SjICACeGlBJH8cuyq0nO77zY9TSmTTuteNaJ3Jc9LRcghIrPXmM6G8xzg5oNZjRqwuKkwTNskf9XTJd2DYIjX_ZcCU9561-eygpQM_iuHxm8C8pEgpxQlmTxBQ9O8PY131OwHb2Gbq-XQkoBKWonpgVk78jz1wE0VNEquTnhLAip1G8OBrWce916MFHe5Bwb5vx7G38VV0YCXjNyLIb9JlnBx-ZwwNwnsHr68hbJNd7oIDMMnLsiEE89hLkbVC6u34xvh8c-Q9TdbBwtLPDy8J-D9L0jO4L0dw85Fgeox7whO1jh7oPT24QmIdtINr2HXIRllQYon9ebxTBkgSeI1JdwlpdXv6lgSFxiJwL5Cqk4Fckoh7Kj3TQE9JqJ-IANNOsEhQ5c4bOkp96pPKrO0RFRwBTlpbxYI2jVSwKM3dYq7xYMbUlGHkbQEohO4Rc8_Cxw6

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF9A 0
56 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=2887867232663931&bg=!9fal9rXNAAWEbmp2hDsAKQB2-DxaFCkORQ6dmuMIFE51DfOf0k_CX6fFVtDViLAtbZEB3sFMrKF2AgAAANBSAAAAHWgBBwoAn0U5HwgEeS82NzgfIxxDIaYqyWaMylWIyGcYsaYAT_hXiiFfoefjIcJx2EPJ5XHBKeM97ObQ7IlUeV9mRg-r6-2Zbh0UYHOYsTuCa3MsyS_wIHmGwsHdffMd6FWnpZD0T32T5Wxqs2vOii4SLkBE5_A85zFUf1RYDuVHAqKbbQyifF8bdnG68xMdNgVcjmEwqZOx-y6CeO8TDyr9DRSRDJkB2eaKGvKGAwDr5MoclHYa7m2ExFm4nU9M2RtlRdLJ3DaWeCS9CSIpfKyq_4e9avxKSOcKYS1C5cNLczPkwY92QQGs9JH_z4tpy6ZyWbINTgedypF30P02Rh03ezE-M6-N6uW6iZrcNG88spPaGB9wkKVA3apyyUThlVz8m8TmPVZ569z-a8S4n3JSclHOnx3-taNA-1YKQH-puBLpzJ0tHZPYCQPHzaf_nqDYRVdtLSWjxNaAsHMzfHMUcGVz9o3YNzd_yQOWeAMA0FZQpP0m7nNZySxV19RhklKjFMQHeOBEwxt1cT7roqj1o0xk_rJs7G4m4-8p_A7cnxCus8DvQiQi3rkwOhE5_n0PTEc5pEUBFlLERJQR6f9TqK6jwaKRfWXRWgmhOvVPJa-SW-hPOyvs0OrvsaUqQ1zdTNPvDr4cRSgrl8Eh6vwyE7h3ILlL1jeExcBAzgi_MdUKSkWVPPckDOX6qA07g3mBqkqoL60DRctJxKv6HkF3Y8u4hFey3gv74kUvEcQWKIirV6G9TnbNHfdn17AfGKJOtFG9wlycDa7JA57cyO9DGJpNFQkygT4jvmgmho7cy-BCvx0HQZ8kGDwX_ceCqX7aFxQmthQvLtAoBKGPpV0n

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7666 0
47 B 19ms
19ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=4124413925368160&bg=!aWqlainNAAWEbmp2hDsAKQB2-DxazuoWD9Lo8dyMpMLdJWG80z5SRnHBZCaWYNFK1upU5AJr8XcoAgAAALVSAAAAHmgBBwoAzSJI4dxMQicFYvr9HdQ6iAbvJSGLxp2NfAcSk9SZ5VWMKsM5jY-hJQCqi9bJB4qEJAdjcNxRYHlg6cRu64Gqtxs6Wn8khoM4BCgcjvQoepljfSYr0XEfgykxR2K24hrJmUcRFWXRCt-shLPQctr2LHuS6Paw6K12FJ7udKjApENGfQ6FTZSO-QLTGXdKJg4E0SUP9gFyEOnuQ1HuCW0goFQ-ouDBbuFWWKW_ILeZdPhwsEwlaOAjr6t6F-7Q2FUJZFgLJfL2Hj46Y2Fzwd6ZAdwXTVsAMwJ45Hadx9QpyutKCpbj-UqlJzP2yqIgaDTvPOCs6a7RWdROnbU9d6WO4LUACBa2p5plm1sN6nho3azkyR6mZi01JoMuEfSisixXHcr5QA_monV1zVqVC0aoGq_On3eN0aIgOAgixBRs4fdMUAX-_Q8QDv_tspY7v_V5iW2z7tRIfvhsAKzDgAsJ45ERAC4PW413T4yucL3GNdnVq8DLgL5yKl9C0RHGbSTkLe7vO0fU0aV6SKqBzJ5gvilWDShUS55-1zBMoLHGw_geMbpMgfgNjPYiWjXQmU0LMdARXv7bjZ_IdMqne2zbrRli5yBbPgBXWdMgLdHgVoy1dJFbABkSI_XpMo2EpPjWtT_3AtEtSXZ-u9a6zIZW5LsGPHCxz94sWpW6TuKqNDy51P7EqfPv-85t8wP7DqRyKLQQfBH913oOVX-R2MWzFKdf6Q50feqeBcMvNF4yJVwuZJg_P8msEAueJmDdhAkR072D5GZR8VoX7fqRFfNHcrt6ScH-NHoGQ-Is36iYju3P8BTp1VIpbQGPF-v1hGSnALhFnY9YqTkLwQBmunb9rEbhmS-l2hkVS0gsRs6vKngqxRAroNp29-1ygfm1lW6R-Fi380lkPuwWKrumOA

Requested by

Host: saudigazette.com.sa
URL: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK asyncspc.php Show response
wtf2.forkcdn.com/www/delivery/ 500 B
2 KB 814ms
347ms XHR
application/json 139.162.26.143
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://wtf2.forkcdn.com/www/delivery/asyncspc.php
Requested by: Host: wtf2.forkcdn.com
URL: https://wtf2.forkcdn.com/www/delivery/asyncjspost.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.26.143 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-139-162-26-143.singapore.nodebalancer.linode.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.19
Resource Hash: 3f1419f2525c6b7275eedd3a816adf5012baf7a75e8319b2415e277ecd894dde

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:31 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://saudigazette.com.sa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Content-Type: application/json
X-seq: 7
Expires: 0

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=12596/rand=571526766/pv=y/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/ Frame 7CD4 0
0 65ms
64ms Document
text/html 34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12596/rand=571526766/pv=y/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12596/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=12596/rand=571526766/pv=y/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=826e9f292d28b8a019f346de11579c98; _cc_cc="ACZ4nGNQsDAyS7VMM7I0SjGySLJINDC0TDM2MUtJNTQ0NbdMtrRgAIL4v49FGBAAAE27Cr8%3D"; _cc_aud="ABR4nGNgYGCI%2F%2FtYhAEOAB2dAlQ%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

date: Tue, 12 Jan 2021 17:57:41 GMT
content-type: text/html;charset=UTF-8
content-length: 1498
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.19.238
set-cookie: _cc_id=826e9f292d28b8a019f346de11579c98;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQsDAyS7VMM7I0SjGySLJINDC0TDM2MUtJNTQ0NbdMtrRgAIL4v49F%2FwMBPwMM8LVvnynBuCWJ4T8jI8M%2BJPbDL5ZMEOZ5P7DA8j%2BFqAIr1j%2FlRhW5sHgOC6rIuaOHmFFFLj%2B%2FI4sqchhD17SHn1VQRS6desSGKnLlvDqqwN%2BNU9CM%2BdBwXwDGBgB7LWKo";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI%2F%2FtYlAEGWBkYuGaAGU%2BYQRRjUwmIYt7UCaHagCQAwicHWA%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15790/ 329 B
813 B 145ms
41ms XHR
application/json 13.224.94.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15790/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15790/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-34.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6764ab4d9194607e2f118691a954bc825c79c7ebb12be7bb163dd6f968c9154

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 12 Jan 2021 03:40:21 GMT
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
age: 51441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 329
last-modified: Wed, 23 Dec 2020 17:09:23 GMT
server: AmazonS3
etag: "46d2cba2705c7834dcf7a7338e0dede3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 8m91PwbZSn75xiK7RBlGyxPGUeMGe9gYe-TYj51WjZ8eLch4F6RgkA==

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=12596/rand=674257908/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/ Frame A346 0
0 117ms
116ms Document
text/html 34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12596/rand=674257908/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12596/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=12596/rand=674257908/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20saudigazette.com.sa/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=826e9f292d28b8a019f346de11579c98; _cc_cc="ACZ4nGNQsDAyS7VMM7I0SjGySLJINDC0TDM2MUtJNTQ0NbdMtrRgAIL4v49FGBAAAE27Cr8%3D"; _cc_aud="ABR4nGNgYGCI%2F%2FtYhAEOAB2dAlQ%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

date: Tue, 12 Jan 2021 17:57:41 GMT
content-type: text/html;charset=UTF-8
content-length: 212
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.31.38
set-cookie: _cc_id=826e9f292d28b8a019f346de11579c98;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQsDAyS7VMM7I0SjGySLJINDC0TDM2MUtJNTQ0NbdMtrRgAIL4v49F%2FwMBPwMM8LVvnynBuCWJ4T8jI8M%2BJPbDL5ZMEOZ5P7DA8j%2BFqAIr1j%2FlRhW5sHgOC6rIuaOHmFFFLj%2B%2FI4sqchhD17SHn1VQRS6desSGKnLlvDqqwN%2BNU9CM%2BdBwXwDGBgB7LWKo";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI%2F%2FtYlAEGWBkYuGaAGU%2BYQRRjUwmIYt7UCaHagCQAwicHWA%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 09-Oct-2021 17:10:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 20ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

493e20a225afd0c042ce7e72f6d2f7168c470dfa5021e3a616b440b8f5691f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6885
x-xss-protection: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5762a2ef9dee4c8c/ 166 B
324 B 55ms
53ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5762a2ef9dee4c8c/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:41 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 168ms
165ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ffde3135b08749d&bkl=0&bl=1&pdt=415&sid=5ffde3135b08749d&pub=ra-5762a2ef9dee4c8c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=saudigazette.com.sa&fp=article%2F601690&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=saudigazette%20Newspaper%2Csaudi%20sazette%2Csaudigazette%2CSaudi%20Arabia%2Ckingdom%20of%20saudi%20arabia%2Clatest%20news%2Cworld%2Copinion%2Csports%2Cbusiness%2Ctechnology%2Clife%2Ccartoon%2Cking%20salman%2CThe%2Crealities%2Cof%2Cransomware%2CFive&colc=1610474261274&jsl=129&uvs=5ffde313a017e90a000&skipb=1&callback=addthis.cbs.jsonp__89878701925334270
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85a30788f5588e50c4662c272b54a70385d134e8002d6271fa5da93453f9699d

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 34E2 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7F9D 0
0 78ms
77ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 12 Jan 2021 17:57:41 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:57:41 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame F275 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 12 Jan 2021 17:18:43 GMT
expires: Wed, 12 Jan 2022 17:18:43 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2338
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 115 B
928 B 85ms
85ms XHR
application/json 34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15790/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e4d95dbd77b5de1311630ddd1cf0decc261c2097366c092412e5b00160d5306c

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://saudigazette.com.sa
cache-control: no-cache
x-server: 10.45.11.21
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 115
expires: 0

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 6342 0
0 42ms
40ms Document
text/html 13.224.94.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15790
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15790/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-34.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=15790
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=826e9f292d28b8a019f346de11579c98; _cc_cc="ACZ4nGNQsDAyS7VMM7I0SjGySLJINDC0TDM2MUtJNTQ0NbdMtrRgAIL4v49F%2FwMBPwMMCNz%2Fv1aDcV01w39GRoY3Jw7C2e3bZ0owbkkCs%2FchsR9%2BsWSGKIEInPcDCy%2F%2FU4hNeMX6p9zYxC8snsOCTfzc0UPM2MQvP78ji038MA5zpj38rIJN%2FNKpR2zYxK%2BcV8cm%2FHfjFKzGf2i4LwBjAwBM1YQp"; _cc_aud="ABR4nGNgYGCI%2F%2FtYlAEG2BkYuGaAGKxPmEEUY1MJiGLe1Amh2kAU9%2FsUMPVuOpAEAEC9Ckg%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Response headers

content-type: text/html
last-modified: Tue, 22 Dec 2020 14:15:11 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 12 Jan 2021 03:40:10 GMT
cache-control: max-age: 86400
etag: W/"ceadd48a9ae6ca8df88efa5984c92279"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: R_90QCMXSSAq2l8egQq1YGjvtdhSZj2U_mVGMFDh2SULw4KuXWB3sw==
age: 51452

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
135 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=130653929432493&bg=!3d6l3p3NAAWEbmp2hDsAKQB2-Dxa1KLzqomaHLPZI7bU0UTpPTkXg9Q7zNk3GV2s6dcXCaqgzGHzAgAAAHxSAAAAE2gBBwoBg0hABNQHhH2BX1TYh8cRaLNJPZI-std9Ypzz3cSgcYtg01fZIsHNnxt4OqWd6DmpsFguLym4a_Z_PXCsMBn0lWCntZYRTuusXz6BJmg3bXjkyiQNDrHffIt5tmko_DWLZrywpXqbrGIcIWgx0dtxvbtKHoZAlfvS03QujlUI8lZXZgh0u2F6-709slBsHgf7DIcHq2Ym7FlTDqOGRgaPdkpWK75BMr1w5hj4WNu4Sfi_uTZQnMCNixwF_gg5b853A-S1SXN-Q2buemUriHxnbsKYXUZLd34MTB1LOfrIsNSXaM2Wyo06w9VrJbNf4VD6feTj9g6S3yV4eOeI8ay_Q6g6qoz2HwUAeeyQh8vC4ibKcu64nGC5MvxlahgxVHa43GAAxDw1R7JpUO0V8bMI31f0gaTdkPH5kZSAHCK0jZwPVECsF7cFo_0h3zKjwCNrxfrKAVeeCjgITjlpNLAE0qtqx80buV1sh6JXQRMc6VfxNVnp7dD4_Ea7hRf7v57ZUkaf-pkB2ArWsDC1zTQmv--0XjA6gnlu6ta4fiw6d-XdULVlFfXTCm2i3rGCnk7T49LoXrHPuFzNBMsHJmI5ArHOpxTXuYvsPgrySSBjMvir9EFpfaYDwRFgjiKfls1uP205JHqpj6xskOGw_ZI6KVZBEIzn_6SRpz_zf8_28vaiu5MGnofLhL2p6BUtYQdGPu9YEfDZMPmxhq_rA4eUMNwE4a4eGFbcvNytme76KHY19TQ-N2hS0wTFdswLp8H-uU3to96rYEshO-D8zKp-QQOiDlG7ob038Bb9iNOyzNd2GGSvGM3uvkeJ5C0M53Nf0SpFMGR2pi2TGiGU5QcOh8EiDnQfBCgmHrG3VLwV_aYR-6bX_qRpE39gHt8TutwQ0T1RzW2kdRyHLktjBOnnHdZGG-b3vHocTtHJQyirx5idHKon1_UnSoZ5TxvIC1y36562lGRrjvfDX9gVypeFIUehLwc20n3SpDaMZto54Hs3WiBewcxyca7YObpDGVSFzuHa4ViLVX91qqdCw5fyRvzGJpzKbWzKxpEelyINKg5WDIy1tjGg0cb6M9w_sTXSAmWa3h4lbcDQn4rtI2FJSyNYYWltJvFtJLaTdBQ6g-NT_mGNhnO9IiPrJaiI4gM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 93DE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985a318ad180f54c0c6c5b2b950d8d4486ff8eb165648e576b28f7af14c8da53

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6C4B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62b50eb1dd93bc31fa39cbe7b25caaecb28cf372b7925306a5ed520a47f3152

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF9A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62519f1b9fa81dc1f90fa8ea7af8f0c12749266547730e309daf7e1982c7eb9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7666 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cfc9c2f77667169b71cccd92a356fd0a40b7e4a273df8d29d3933e649808916

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3760 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae7176987f616dec823a2bd780db5b36d9a841a647ff406d83c5a6907a61b6fe

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3760 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://saudigazette.com.sa
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 438336
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:12:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3760 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://saudigazette.com.sa
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 70581
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 11 Jan 2022 22:21:20 GMT

GET
H/1.1 200
OK lg.php
wtf2.forkcdn.com/www/delivery/ 43 B
1 KB 610ms
209ms Image
image/gif 139.162.26.143
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtf2.forkcdn.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=491&loc=https%3A%2F%2Fsaudigazette.com.sa%2Farticle%2F601690%2FBUSINESS%2FThe-realities-of-ransomware-Five-signs-youre-about-to-be-attacked&cb=a6a9d38002
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.26.143 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-139-162-26-143.singapore.nodebalancer.linode.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 17:57:38 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/gif
X-seq: 8
Expires: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7666 42 B
89 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw8sGixr8Jo9rparP7Vk22leXK-118WBXffbOD6VgHojVC1R98CIZNZITUkk6LKSfPx5hcevCVUUBH-nRpDN9QPVWE4mQBxo1WO8QQQ-s&sig=Cg0ArKJSzIVlODpEgMu9EAE&id=osdim&mcvt=1000&p=555,1085,805,1385&mtos=1000,1000,1000,1000,2813&tos=1000,0,0,0,1813&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2920076825&rs=4&met=ce&la=0&cr=0&osd=1&rst=1610474259457&dlt=0&rpt=653&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF9A 42 B
66 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXRhtB0-FPv0aAUkklWCnlpg4oZYgjfva5Ui2aN58w_AXlQgbRYKS-3FMLWnxMVsYfxX3siUJVo-rUTMwfRjwjexWdafPv7cmedE8fX10&sig=Cg0ArKJSzNRa0bsx0uDmEAE&id=osdim&mcvt=1001&p=198,225,448,1195&mtos=1001,1001,1001,1001,2933&tos=1001,0,0,0,1932&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=956449708&rs=4&met=ce&la=1&cr=0&osd=1&rst=1610474259456&dlt=0&rpt=645&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93DE 42 B
66 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPoE-W-bPgGQOasVk9tOJI7ary6PeKycPzk0chGaYzzIUjwBduS_OZoz5m7-kkkrEN3SartG973PwI9R6nlmTyEaeOdd2HxdsLfStQy8k&sig=Cg0ArKJSzDaGTW_rVoeXEAE&id=osdim&mcvt=1001&p=42,647,132,1375&mtos=1001,1001,1001,1001,2848&tos=1001,0,0,0,1847&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1104727823&rs=4&met=ce&la=0&cr=0&osd=1&rst=1610474259457&dlt=0&rpt=650&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3760 42 B
89 B 21ms
20ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjnw6olAJwxhorI3fEfWY7KHo1o-pysyH_ipWDRfbSX-OfXfAkY0onL9v0mYDfXx3C4_D6ogDO7GyBDlx4yIKVdP8XNwZv5ZH8Icde_2kX9JDm2Y2uDwnOgl2AghHP2ZYIMdhDEW5I43fn-zalgmdcsQ&sai=AMfl-YSP_QA8uTZ-H9hN0eWeLvCx089R3-jGD1o_AZFLWBRWqzphjO6DO3QG1ShwmWAWpwyNRy7cs3Rbf2r5ffI4J5qIZr5E4DVmHPV4_rxwuSeAIkZ42dWfH8doncKozg5t&sig=Cg0ArKJSzEYZev4dIo7gEAE&cid=CAASPeRoPOfa3wpRjzUwgWu8sMNIM0INdvp6PRLfdqwSWIs75zWd0EVtPvY3Im6S0y0HgKLd6FgtUie5ZhUGFsU&id=ampim&o=0,0&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=1147&tls=2151&g=100&h=100&tt=2151&r=v&avms=ampa&adk=2884593256

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6C4B 42 B
66 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYjvI1hTXDN9J5VdeZaz0DBDy_x0TzI1C6XNuaP2vY7wjmCBNICYut29p5732OfrkBq9drdMF0BSLaCf_y9eRucpCky2G-zM20Fxm4H2zPENGbq7bcR7jlN8SA4w&sai=AMfl-YQyXGUQ8WoI0zcRXdv_vzk6EHOp9m-TPPQ3UI4FaUcwDl9DsHCXoazdfGR9SWOkUh3nxg2UyaE7QUmRuecmKS4T6WS5I9bZ_UkRx6oyRsudthu-8llncxYocEktbCFk&sig=Cg0ArKJSzN-9-8x_xOaEEAE&cid=CAASPeRo8xOCUwDwULRKCUbgJGpVdYKtqiZ5oet-A9pb5GI2JP7p-JY4rQMlV2KGGuSZUIzJL3c9Trqm4lVfcyk&id=ampim&o=0,0&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=1190&tls=2202&g=100&h=100&tt=2202&r=v&avms=ampa&adk=2521754550

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saudigazette.com.sa/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

312 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.contextads.live/	1970-01-19 16:46:33	Name: fmgctxuid Value: {"id":"1mymZWEqoeeRlgiid7TVZ5xmIph"}
.doubleclick.net/	1970-01-19 15:21:15	Name: test_cookie Value: CheckForPermission
saudigazette.com.sa/	1970-01-19 15:21:16	Name: __atuvs Value: 5ffde313a017e90a000
saudigazette.com.sa/	1970-01-20 00:51:28	Name: __atuvc Value: 1%7C2
.saudigazette.com.sa/	1970-01-19 15:21:16	Name: _em_scf Value: []
saudigazette.com.sa/	1970-01-19 16:46:33	Name: fmgctxuid Value: {"id":"1mymZWEqoeeRlgiid7TVZ5xmIph"}

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://vibecdn.forkcdn.com/Inarticle/iav.js?publisher=saudigazette(Line 1) Message: https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://saudigazette.com.sa/article/601690/BUSINESS/The-realities-of-ransomware-Five-signs-youre-about-to-be-attacked

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2735169f0b5b866f5a041c19ff9eae6d.safeframe.googlesyndication.com
a.teads.tv
adservice.google.com
adservice.google.de
adservice.google.dk
analytics-vibe.forkmantra.com
api-cengine.forkcdn.com
b1a0f1f95b52943f18c1eba80ad310f8.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn.ampproject.org
cdn.speakol.com
cdn.wickplayer.pro
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
code.jquery.com
collector.effectivemeasure.net
connect.facebook.net
d.turn.com
d35413cda0b33218ba9420f58ef204e9.safeframe.googlesyndication.com
dac.contextads.live
dac.forkcdn.com
detect-survey.effectivemeasure.net
dmp.adform.net
europe-west2-mmpww-vendo.cloudfunctions.net
fead12a879192af611280e6242e46a2a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
m.addthis.com
match.adsrvr.org
me-ssl.effectivemeasure.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
rd.speakol.com
recommendation.speakol.com
s7.addthis.com
s8t.teads.tv
saudigazette.com.sa
securepubads.g.doubleclick.net
serving.stat-rock.com
stats.g.doubleclick.net
storage.googleapis.com
survey.effectivemeasure.net
sync.teads.tv
t.effectivemeasure.net
t.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
v1.addthisedge.com
vendo.mmpww.com
vibecdn.forkcdn.com
wtf2.forkcdn.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
s7.addthis.com
104.108.145.75
104.75.88.112
108.128.24.244
13.224.94.113
13.224.94.34
139.162.26.143
143.204.93.55
172.217.16.130
172.217.22.34
184.31.88.106
192.124.249.107
2.18.232.7
2.18.233.201
2.18.235.40
2001:4860:4802:36::36
2001:4de0:ac19::1:b:2b
2600:9000:206f:2200:1f:612c:5a80:93a1
2600:9000:206f:400:f:b7c0:a340:93a1
2600:9000:20e8:5a00:1e:a814:d680:93a1
2600:9000:20e8:ca00:1d:6b27:c980:93a1
2600:9000:2156:ae00:18:757a:bc40:93a1
2600:9000:2190:b800:3:3133:8480:93a1
2600:9000:21f3:6e00:b:3c99:a880:93a1
2606:4700:3030::681f:599c
2606:4700:3033::681b:a611
2606:4700::6811:a755
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2001
2a00:1450:4001:821::200a
2a00:1450:4001:824::2010
2a00:1450:400c:c0c::9c
2a02:26f0:10:4b8::26e5
2a03:2880:f01c:8012:face:b00c:0:3
3.85.246.125
34.249.135.160
34.253.109.165
37.157.3.29
46.228.164.13
52.16.29.86
65.9.7.113
78.140.185.32
01805fdfdd37b6640a0c30cdfdb620b707eca4407a8b4ab3c587579be0d1c4d2
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0484703e5b1d013287b2575d4a612fa4e5338ccba8ce1f215dbc0d4324784ec3
0495b786daa29a55066f7f06d3cbe09fd5fa0fd027748fb64e5343f80225f3e3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
0cfc9c2f77667169b71cccd92a356fd0a40b7e4a273df8d29d3933e649808916
0e3e251601f7a939e140f3c611f38750f7cae5e0c0d8ea945449238886e55274
0f55bd35e0ed8077e232d49e49b8e233f84a8806011f6df376c38cb023fd25f3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163e0d1a0827b138d2d6e9cf459dc2b75b0e28ec3b0089d43d74ad6c713936ad
1937afc87be16a054fdec63d2e35d89cb1e08efa3fc4b6fe35317f0a5914676a
1c73fd2454168b9d3ba915aeac08bbccd7aff3dcb4b08a29df4916abdd1c5331
1d909dc082ed1458000f25d33667a6d0dbe76388a93dc06f1dbf4d494ac9405d
1f16a49a97bd2d99796d60bfcede2ba87fe7b3dcb769abd22f5b4a5f64d4d4c9
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
2400e55cf3800c3d9791c8b79f3c88263dfc38c0886eb291824b981894e0da74
25f564b484cde5bdc6c01c1d49d6849ebb0ee65854d6250086ca5a0a3e4626bd
2e5dc65356453deba9f807ef430f2d85c724d0030b8814adaf7651043cde72e8
32737b1bce66d2183d49ae0c71feb1b9d268f49fdb40612b1cebdb119c1502ef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378598a269e339d5d77453f970369d71f7bc6403c84f83dee2d475b8bfe958f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372babe9a423bc48c73277d43a1ce39e02ec0a9daa2c9ffa8a1603215d00b187
3a44aeae2ed87d0d988bafeaa85acc15aa7456448859e41c338b13cc92995b17
3f1419f2525c6b7275eedd3a816adf5012baf7a75e8319b2415e277ecd894dde
3fa09f4cdbdbfb76efd1e5d6b981c1747f8a15826f034292801d1a0d83b3cb56
406d59d0b5c900ec537c56d673eb4698d03f92dce4c515cc07628d00e073d59f
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
45b2fe7bd706ab0371812b1013247a4b85e054cfa58154905ccd3bd62af7f592
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
493e20a225afd0c042ce7e72f6d2f7168c470dfa5021e3a616b440b8f5691f88
4a357b7145cf9cb6702a0045e07c898860e18baa0989ca9c5f7460733fe1b1b2
4bed3489cb87663b844517fa77aa2011854222533ba8eb716d31515a723cb619
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f91c70054cc54e0f4b5927ab70db1db275cbe2cec51ea9a79aab0f4c96d3e51
4fe5d7cfb1736c0624169730e0a1430446010b9228f29866dadaf49874d512b7
5919e3039230bcae76ca744c68ab8ed4fb771c6327e1a780113db30306b1d4c0
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5
66f806da8e75cddbf008d6322c929342b37aa1c119370d4edd45c5c2e5728226
68b460bc8b09c1efa570617facdcaee200a87ee9d42bc8d52793f3cc2bf3eab8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71b1a56375c21cf2035ae9747530b59d283bcb6e96f56696df5600f31e64aae7
7350d27f0fdd07b80b79cd8088aac0876797a6dcc0fc5631854762149240f099
7546573935094a263d1cd3b3d2c0709eaa9288debd2b01c07f34fd62881e8743
75cd08b2afcdbfab5b65768fcf8bf8de863b5e53100c86da07989160a3a8075a
78dafd59eecc29afae08db19af418d2dc63be0cb57ca28670bd8aea964dc97d7
7963f27c8649ce9963bc1873cf299c4b92c965f730de752fb2ceb5898add8225
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7a2f959a6483f4dce21caad6e53893b355df42f3c11870b00ce5bf80f9221d7c
7b4637ffaacba2e0aeffb02920c36eab7637bca44cc92e9958993f1f84d96df7
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80efdd910d7eaa64503599b88eff5a652f187000a277e831e346d97dcfa2a079
82afe71a7c1ff5337b021b707348455bdb99418a243ae1e43a972023707454b6
85a30788f5588e50c4662c272b54a70385d134e8002d6271fa5da93453f9699d
87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd3e0361ddd57c944db177aaf940f099421cfa88abf2a91526330a2ade41895
8fb6c27208546bd87cbaa0769365f4aa356000a1650b6ce179120b7458e7d3c6
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9256cecc880b22ae6b325110e8b24d5cc43ad6078e473f06a24aa53f6019b040
9256fc0d41d49dcb3c54049b08652df5ccd95dc7ee3654abba48ab997142df92
9393b934cac9289f016f73e2261e414c65d635b4304cd0ffffb64169189143e6
9634ddc2af07d7a7e0f40feb3a95fc8ad13dcb7f4c76d62ee5b904b3c785ac5e
97455a649402b636fdd112458b908305d64ed9af2701f257442d19876aa54707
981300b3deb6d7fd5e0ef117e8519b649385979c094423dae314e874c6ef9ebf
985a318ad180f54c0c6c5b2b950d8d4486ff8eb165648e576b28f7af14c8da53
98cc52313cb0a503cb05e2b0afa816efd9d389f87553dc5a9d4487fe7ee1c7b3
9d9a56aaee81ad500cc58757aa6e5e7d59c295b94107b39ff9e7975da66796f4
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
9f6ce2d7c9dfacf71e711e203b5ec13ae8d4de9ca0569e159f8917f8d6e59e3a
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62519f1b9fa81dc1f90fa8ea7af8f0c12749266547730e309daf7e1982c7eb9
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9b9aad0d9c47057e7dc0b31bde7ab21ff3bac6742727cfc4de4fcc74febfadd
aa3c028a3b46161b978a152d706336da8f0a5eab56aa850b34d348abb39e472f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae7176987f616dec823a2bd780db5b36d9a841a647ff406d83c5a6907a61b6fe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e65b8c1dfddc24a85dd204338613a95cb9bd998bcfeea932f8d9e5859a151b
b286af0ddce1e63d4799155d92c4b1a6f73111c75cedff449e503506845d33f6
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
bf5b56086f66e68940f389d1d4e891aed58df556648dd64f83d51393075263b3
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
c6764ab4d9194607e2f118691a954bc825c79c7ebb12be7bb163dd6f968c9154
cd17ba9120d64bdc8b6bd355e1e3942e54f8e585027b2415d7b4f9d2c0539bb0
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf80e4f21ca236ecec40b47be7c3c2c74be172a8b1502c8bad8a11510cb70c90
d2933a74c2cead9b5ebc22ffeb1e47dbba0dcfb064518f32a1af00d4f24c9152
d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba
e316e21e94db093c25e74a8e510e124fb7f805943fa2f2e5f3738636d70fb191
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4584668cc75dc96ae15443837984efed324e55ecf14eb1965a6a6e6ddaeb923
e4d95dbd77b5de1311630ddd1cf0decc261c2097366c092412e5b00160d5306c
e62b50eb1dd93bc31fa39cbe7b25caaecb28cf372b7925306a5ed520a47f3152
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ebb0d291ab54b8d639867a97a05e212ed1b4b10ea4f45591720cd65971e4d3e8
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ee6d03ecd8b721a9804143ace1344f549acfcdb83f3702fe86b2ecea6e1364b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54049620e6f5c6510cd7d3996a23daa2d5907a6413d398967a1c81659d1b55
efca8d23ba9c7eee9bd178fb58c534d9932879020bcc9725fc1f0c1c586619c8
efd9264760b8efd2eb85c4df77ac6d1d80acb75a0c48acd3248dfa08ae95e697
f08d23afd10a2bc1acf528485e89fbae9c6c48d774287c592f1bcbfcac13cacb
f447ee6a813e5436967120793f69424c882828239af43be217b497667021bc54
f5da43795f729af11cefc529667f1f48264a4b0399bb92669ab7a622fab57976
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
fbeed654f195bb1da904b37b2205d7651b40a90d1a39969dd4d025919d876a73
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
fffacdc62dcfc89db55fd30159d36d65bd7dec9d73871136df6ed8d77cc8148e

saudigazette.com.sa Open in urlscan Pro 192.124.249.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

217 Requests

97 %HTTPS

57 %IPv6

34 Domains

61 Subdomains

47 IPs

9 Countries

4157 kBTransfer

8455 kBSize

6 Cookies

29 Outgoing links

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

saudigazette.com.sa Open in urlscan Pro
192.124.249.107 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

97 %
HTTPS

57 %
IPv6

34
Domains

61
Subdomains

47
IPs

9
Countries

4157 kB
Transfer

8455 kB
Size

6
Cookies

217 HTTP transactions
2 data transactions