www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/%22%20target=%22_blank%22%20title=%22ht...
Effective URL:
https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Submission: On January 11 via api (January 11th 2022, 9:48:22 pm UTC) from US — Scanned from DE

Summary HTTP 150 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 35 domains to perform 150 HTTP transactions. The main IP is 104.20.60.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 56429.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	104.20.60.209 104.20.60.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.75.139 172.67.75.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4019:80a::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::ac43:dbb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.112 18.66.122.112	16509 (AMAZON-02) (AMAZON-02)
1 15	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	92.122.252.43 92.122.252.43	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:9000:215... 2600:9000:2156:3800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.201.71.192 35.201.71.192	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:231... 2600:9000:2315:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4019:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:fa00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	34.243.159.23 34.243.159.23	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.68 18.66.97.68	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:4e00:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4019:80c::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	3.123.168.197 3.123.168.197	16509 (AMAZON-02) (AMAZON-02)
1	108.128.226.193 108.128.226.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	54.93.147.121 54.93.147.121	16509 (AMAZON-02) (AMAZON-02)
2	2.21.143.57 2.21.143.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.74.22 52.17.74.22	16509 (AMAZON-02) (AMAZON-02)
1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	54.229.115.186 54.229.115.186	16509 (AMAZON-02) (AMAZON-02)
150	49

44 104.20.60.209 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.75.139 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:dbb1 (United States)

ASN13335 (CLOUDFLARENET, US)

id-ransomware.malwarehunterteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.252.43 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-43.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:3800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:fa00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.159.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-159-23.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-68.fra56.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:4e00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4019:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.168.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-168-197.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.226.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-226-193.eu-west-1.compute.amazonaws.com

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.147.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-147-121.eu-central-1.compute.amazonaws.com

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.74.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-74-22.eu-west-1.compute.amazonaws.com

bc-ssb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.115.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-115-186.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	bleepingcomputer.com 1 redirects www.bleepingcomputer.com — Cisco Umbrella Rank: 56429	182 KB
15	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2965 cds.connatix.com — Cisco Umbrella Rank: 3049 capi.connatix.com — Cisco Umbrella Rank: 2534 vid.connatix.com — Cisco Umbrella Rank: 3514 img.connatix.com — Cisco Umbrella Rank: 3559	360 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 122 accounts.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 8	134 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2130 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 6184 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10067	269 KB
6	vidible.tv acds.prod.vidible.tv — Cisco Umbrella Rank: 3756 cdn-ssl.vidible.tv — Cisco Umbrella Rank: 4417 trk.vidible.tv — Cisco Umbrella Rank: 2196	111 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2701 r.skimresources.com — Cisco Umbrella Rank: 2562 t.skimresources.com — Cisco Umbrella Rank: 2691 p.skimresources.com — Cisco Umbrella Rank: 3521	17 KB
5	springserve.com vid.springserve.com — Cisco Umbrella Rank: 5710 vpaid.springserve.com — Cisco Umbrella Rank: 7671 bc-ssb-dub.springserve.com — Cisco Umbrella Rank: 98772 vid-io-dub.springserve.com — Cisco Umbrella Rank: 39012	91 KB
5	bleepstatic.com www.bleepstatic.com — Cisco Umbrella Rank: 95753	16 KB
4	advertising.com ads.adaptv.advertising.com — Cisco Umbrella Rank: 1034	2 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 427	710 KB
4	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 187 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175	146 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	38 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 124	2 KB
3	malwarehunterteam.com id-ransomware.malwarehunterteam.com	6 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 348 px.moatads.com — Cisco Umbrella Rank: 393	44 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 658	137 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 52317	43 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	84 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 17341 cdn.firstimpression.io — Cisco Umbrella Rank: 17742	100 KB
2	pub.network a.pub.network — Cisco Umbrella Rank: 5832 d.pub.network — Cisco Umbrella Rank: 6080	51 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1693	680 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 448	122 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	845 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 245	17 KB
1	pghub.io pghub.io — Cisco Umbrella Rank: 1495	4 KB
1	gstatic.com ssl.gstatic.com	5 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 822	345 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 864	10 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1153	3 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 20681	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1229	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	36 KB
150	35

	Domain	Requested by
44	www.bleepingcomputer.com	1 redirects www.bleepingcomputer.com static.cloudflareinsights.com
7	img.connatix.com	www.bleepingcomputer.com
6	apis.google.com	www.bleepingcomputer.com apis.google.com accounts.google.com
5	quantcast.mgr.consensu.org	www.bleepstatic.com quantcast.mgr.consensu.org
5	www.bleepstatic.com	www.bleepingcomputer.com
4	trk.vidible.tv
4	ads.adaptv.advertising.com	vpaid.springserve.com cdn-ssl.vidible.tv
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	capi.connatix.com	cd.connatix.com
3	pagead2.googlesyndication.com	srcdoc
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects a.pub.network www.bleepingcomputer.com
3	id-ransomware.malwarehunterteam.com	www.bleepingcomputer.com
2	static.xx.fbcdn.net	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	vid.springserve.com	cd.connatix.com vpaid.springserve.com
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	www.facebook.com	connect.facebook.net
2	p.skimresources.com	www.bleepingcomputer.com
2	t.skimresources.com	www.bleepingcomputer.com s.skimresources.com
2	connect.facebook.net	www.bleepingcomputer.com connect.facebook.net
2	cds.connatix.com	www.bleepingcomputer.com cd.connatix.com
1	vid-io-dub.springserve.com	vpaid.springserve.com
1	match.adsrvr.org	pandg.tapad.com
1	pandg.tapad.com	pghub.io
1	bc-ssb-dub.springserve.com	vpaid.springserve.com
1	px.moatads.com
1	z.moatads.com	cdn-ssl.vidible.tv
1	cdn-ssl.vidible.tv	acds.prod.vidible.tv
1	acds.prod.vidible.tv	www.bleepingcomputer.com
1	hbopenbid.pubmatic.com	vpaid.springserve.com
1	ib.adnxs.com	vpaid.springserve.com
1	vpaid.springserve.com	cd.connatix.com
1	s0.2mdn.net	imasdk.googleapis.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vid.connatix.com	cd.connatix.com
1	pghub.io	a.pub.network
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	ssl.gstatic.com	accounts.google.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.com	apis.google.com
1	accounts.google.com	apis.google.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	d.pub.network	a.pub.network
1	widgets.outbrain.com	www.bleepingcomputer.com
1	ad.doubleclick.net	www.bleepingcomputer.com
1	r.skimresources.com	s.skimresources.com
1	cd.connatix.com	1 redirects
1	ecdn.firstimpression.io	www.bleepingcomputer.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	a.pub.network	www.bleepingcomputer.com
1	static.cloudflareinsights.com	www.bleepingcomputer.com
1	s.skimresources.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
150	55

This site contains links to these domains. Also see Links.

Domain
avos2fuj6olp6x36.onion
www.torproject.org
id-ransomware.malwarehunterteam.com
www.patreon.com
id-ransomware.blogspot.com
malwarefixes.com
www.virustotal.com
www.invisionpower.com

Subject Issuer	Validity	Valid
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-16` - `2022-05-15`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
analysis.fi Amazon	`2021-12-04` - `2023-01-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2021-03-17` - `2022-04-18`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2021-01-03` - `2022-02-04`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.springserve.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-11-16` - `2022-05-11`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-06`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-12-28` - `2022-06-22`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Frame ID: B8E0A873E49C5F12996CBAEC515DA435
Requests: 100 HTTP requests in this frame

Frame: https://cds.connatix.com/p/144775/connatix.playspace.dc.js
Frame ID: 6A9D1B880BF0EBC97EE2A89B662CDA15
Requests: 10 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5324486003200826
Frame ID: 573282945521091C98BA6067B3D39664
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: 31A07485C64BA9978C01F9C6DADAAA16
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: E451057E0A431BD3D951CE888D6B6CC1
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 6CD072E499F946DA12C126ED3337F5F2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: E8C3F018B3D471E979D98BF7FF7A19D4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: AD6EC806CEEF931FE218CB4A3C4F937C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: BEA4900ABE6B35A1E072055F2236D3EB
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9C03DC0A16C2B6A247C5697E0328FE78
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9D1C77EE059699201D7AC00CA9181F45
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 04DB69C16551926337E20F60C089088B
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&pblob=
Frame ID: 382971DA9E95C7E2625D8EF5962D15E5
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=942111685863795&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2daa739b22b4fc%26domain%3Dwww.bleepingcomputer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bleepingcomputer.com%252Ffa911becc7f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150
Frame ID: A5B7DAD5542E027FA550D7F2D9E676DF
Requests: 3 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&owner=P%26G&bp_id=freestar
Frame ID: 8A15599C70CF969BE6586079491F595C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AvosLocker Ransomware (.avos) Support Topic - Ransomware Help & Tech Support

Page URL History Show full URLs

https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/%22%20target=%22_bl... HTTP 301
https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/ Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

script.aculo.us (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

150
Requests

94 %
HTTPS

42 %
IPv6

35
Domains

55
Subdomains

49
IPs

6
Countries

2662 kB
Transfer

9122 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://avos2fuj6olp6x36.onion/
Title: http://avos2fuj6olp6x36.onion

Search URL Search Domain Scan URL

URL: https://www.torproject.org/download/
Title: https://www.torproject.org/download/

Search URL Search Domain Scan URL

URL: https://id-ransomware.malwarehunterteam.com/
Title: ID Ransomware

Search URL Search Domain Scan URL

URL: https://www.patreon.com/demonslay335
Title: here

Search URL Search Domain Scan URL

URL: https://id-ransomware.blogspot.com/2016/07/ransomware-list.html
Title: The Digest "Crypto-Ransomware"

Search URL Search Domain Scan URL

URL: https://malwarefixes.com/remove-avoslocker/
Title: https://malwarefixes.com/remove-avoslocker/

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/home/upload
Title: VT

Search URL Search Domain Scan URL

URL: https://id-ransomware.blogspot.com/2021/07/avoslocker-ransomware.html
Title: AvosLocker Ransomware

Search URL Search Domain Scan URL

URL: http://www.invisionpower.com/apps/board/
Title: Community Forum Software by IP.Board

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/%22%20target=%22_blank%22%20title=%22https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/%22%3Ehttps://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/ HTTP 301
https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/144775/connatix.playspace.dc.js

Request Chain 93

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Support&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Support&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&c9=

150 HTTP transactions
-4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Redirect Chain

https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/%22%20target=%22_blank%22%20title=%22https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware...
https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

197 KB
38 KB

717ms
717ms

Document
text/html

104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eeb3829a89d21a2c0e9b954799f235f75241ca089137b88602721a259d4b616

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-type: text/html;charset=ISO-8859-1
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Mon, 10 Jan 2022 21:48:16 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cc159261b2e54b8-MAN
content-encoding: br

Redirect headers

date: Tue, 11 Jan 2022 21:48:15 GMT
content-type: text/html;charset=ISO-8859-1
location: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Mon, 10 Jan 2022 21:48:15 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cc159232e9a54b8-MAN

GET
H2 200 prettify.css
www.bleepingcomputer.com/forums/public/style_css/ 1 KB
601 B 39ms
39ms Stylesheet
text/css 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/style_css/prettify.css?ipbv=69e371100a4862c80dab2ec4c9612358

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd753d445592a633d4e3b8f74fe6e4ca85ab95a1f0b2fc00f11afeaaeed8194

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 981
cf-polished: origSize=2207
last-modified: Wed, 29 May 2013 16:10:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"89f-4dddda0323b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592aab5a54b8-MAN
cf-bgj: minify

GET
H2 200 prototype.js Show response
www.bleepingcomputer.com/forums/public/js/3rd_party/ 134 KB
36 KB 40ms
40ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/3rd_party/prototype.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a0ed3ea5aebdf80781e96b0e677656f9db72ea592b679299953852fef84b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2625
cf-polished: origSize=180829
last-modified: Wed, 29 May 2013 16:10:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2c25d-4dddd9fb82900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592aab5b54b8-MAN
cf-bgj: minify

GET
H2 200 ipb.js Show response
www.bleepingcomputer.com/forums/public/js/ 81 KB
21 KB 45ms
45ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d813e6becda7ebe8b6bf1a54e7b83aa2a2551dc41bf4f07877834984a293958e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 981
cf-polished: origSize=128896
last-modified: Sun, 15 Nov 2020 20:33:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1f780-5b42b2d2db890-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592aab5e54b8-MAN
cf-bgj: minify

GET
H2 200 scriptaculous-cache.js Show response
www.bleepingcomputer.com/forums/public/js/3rd_party/scriptaculous/ 55 KB
14 KB 44ms
44ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/3rd_party/scriptaculous/scriptaculous-cache.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a10fb2699752353ba3f55bdb022589d690843ebbbf9f3b80789f2a57010475e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 981
cf-polished: origSize=79650
last-modified: Mon, 16 Nov 2020 16:14:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"13722-5b43baa8f0d38-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592aab6054b8-MAN
cf-bgj: minify

GET
H2 200 ipb.lang.js Show response
www.bleepingcomputer.com/forums/cache/lang_cache/1/ 28 KB
8 KB 68ms
68ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/cache/lang_cache/1/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebbdc09f56e8b9cba9117f0d84b4903fdc89508496a9b5d5b8d6bf59ff13ebbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 981
cf-polished: origSize=30126
last-modified: Sun, 15 Nov 2020 20:48:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"75ae-5b42b61fceb0a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592aab6154b8-MAN
cf-bgj: minify

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 2 KB
1 KB 111ms
38ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d4e8c1043164607dcdeb358e2a08c9565fe286ceeeabea79e67f8c680187e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 913
cf-polished: origSize=3904
last-modified: Mon, 05 Oct 2020 20:38:13 GMT
server: cloudflare
etag: W/"2345400546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg9fqnqgPrs8rQkc%2FBR56cMdPG3m3qxU3s9Y7%2BEaLtUJz4h1R%2FMAIIkAPAZBUCpLf9YC0oVvpWpN8mkBO6nVbnwUMWrgy1t0QfdpqMEz%2Bu%2F3Q3nvSHV%2Buwy%2FLOZaW6RnGcCxpug%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 28 May 2021 05:33:31 GMT
cache-control: max-age=3024000
cf-ray: 6cc1592bec60e597-MAN
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 604ms
249ms Script
application/javascript 2a00:1450:4019:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40aee4def6f2c1c3e46ddf1637b4132ddf7aed7394bed07ced7151481cb8ff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36672
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jan 2022 21:48:17 GMT

GET
H2 200 twitter.png
www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/ 575 B
705 B 46ms
40ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/twitter.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 47898
cf-polished: status=not_needed
content-length: 575
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "23f-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Thu, 10 Feb 2022 08:29:58 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d5c54b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 forum-logo.png
www.bleepstatic.com/logo/ 5 KB
5 KB 107ms
35ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logo/forum-logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5a1148e6ba00dec0218671857bc04820e1a4628a6de00a659ece715a6ed2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061
cf-polished: origFmt=png, origSize=9361
content-disposition: inline; filename="forum-logo.webp"
content-length: 4656
last-modified: Fri, 26 Nov 2010 18:53:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaFcUgs%2FHgqS%2BWbmLRavOCEn%2BzdKqwERE9qYHJ21ELI3xjDRQMisyM3bIWxF9Fm2Y3F8mqUOLGj7skLTcU3N5TRg4hvTslzDcKh19j8U2rMbJQ5ZGpuORl%2FUZTqTo65TDWjlVyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 Jan 2022 21:48:41 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cc1592bec5de597-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 useropts_arrow.png
www.bleepingcomputer.com/forums/public/style_images/master/ 81 B
222 B 46ms
40ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/useropts_arrow.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7451690fed2a104bf6ff86e5ab0b3a7d8393d26a859a4bad6ba81b1d7aa339d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: origSize=129, status=vary_header_present
content-length: 81
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "81-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d5f54b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 default_large.png
www.bleepingcomputer.com/forums/public/style_images/master/profile/ 2 KB
3 KB 43ms
37ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/profile/default_large.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f7ad438c88cd0653af6066d4c148e00824961112a865f9611e258b9f3cc0981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2039635
cf-polished: origSize=2589, status=vary_header_present
content-length: 2456
last-modified: Wed, 09 Mar 2011 20:59:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a1d-49e13027a9d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 07:14:21 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6154b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_share.png
www.bleepingcomputer.com/forums/public/style_images/master/ 188 B
551 B 43ms
36ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/icon_share.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1832b7da0292ab076dfe046f8b1c2d5fcfd1bfb5628b7e21a3754a20308aa57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=1201, status=vary_header_present
content-length: 188
last-modified: Fri, 12 Oct 2012 09:31:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4b1-4cbd95ac45280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6254b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 post_top.png
www.bleepstatic.com/skin_images/bc/ 226 B
608 B 109ms
37ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/skin_images/bc/post_top.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efc6361ebe5a559578c83bf197d5407b7f6bf44f74d35c4ee8eb22c810fb34a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 531705
cf-polished: origFmt=png, origSize=3076
content-disposition: inline; filename="post_top.webp"
content-length: 226
last-modified: Wed, 09 Jun 2010 03:08:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gdoKhZmT3eUEHX58dkQomJ5AHGo69cMHqLgZ4NMYcTbqA4%2FfFBbPmHmG7u%2BA9QSaKm5gGNPsIw7XMdD36pqod3LnMTfqwSpND38mcQgkvqRgFO%2FWJKcLPhIFN74fVRnC%2BrN5P8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 18:06:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cc1592bec5fe597-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 bot.jpg
www.bleepstatic.com/images/site/forum/bots/ 934 B
1 KB 107ms
36ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/forum/bots/bot.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e2dfceaeeb7e8b933fa7fe96048fac66ad3fab6ab270b8e4a28ce02c1b73ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061
cf-polished: qual=85, origFmt=jpeg, origSize=1566
content-disposition: inline; filename="bot.webp"
content-length: 934
last-modified: Tue, 20 Oct 2009 04:08:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPcKD0kbm3UrYdUdbI2tlFm2c%2BucE7Ixx2Imugkj9ix9fza9Cg9sBzn77%2BEHisFzZcEAOK20ruq4LVH4nvZYeyqGZ%2BMB94rHUvGPLFBfK27XmHT9qGte%2BgJODjwW6aBWVeLGCwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 18:56:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cc1592bec61e597-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 photo-thumb-726225.jpg
www.bleepingcomputer.com/forums/uploads/profile/ 3 KB
3 KB 45ms
40ms Image
image/jpeg 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/uploads/profile/photo-thumb-726225.jpg?_r=1415840014

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f3bcb19c0bd5c65610479456e6725269fff54283881bdee75052d68e6c8def

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 130080
cf-polished: degrade=85, origSize=3431, status=vary_header_present
content-length: 3212
last-modified: Thu, 13 Nov 2014 00:53:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d67-507b2f117df80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Wed, 09 Feb 2022 09:40:16 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6554b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 logo-25.png
id-ransomware.malwarehunterteam.com/assets/images/ 1 KB
2 KB 102ms
31ms Image
image/png 2606:4700:3036::ac43:dbb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id-ransomware.malwarehunterteam.com/assets/images/logo-25.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:dbb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11e31e4a1d2b7528c066ca3c849a95e53a53538440a5d72c18bf9f9ee84ce9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1372
last-modified: Fri, 08 Apr 2016 23:33:13 GMT
server: cloudflare
etag: "57083fb9-55c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtDSvlmmz5BttHASfdAnWy1eY%2FxEM3c8No3TKs6pjGT8NHWiy0F%2F%2BxBjRmvhD1%2FDiLSgRj08o3A9sca3tGLyVBOCBVuAK4tqD%2FcnCAKvYxdgB317bw9NP0aiOvGgitRW6MR0XNPpHXg6Nomq7UfAX04SR8UhLrBciMlp%2Fe9PrH94Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 6cc1592bea280f72-MXP

GET
H2 200 ransomnotecleaner-25.png
id-ransomware.malwarehunterteam.com/assets/images/ 2 KB
2 KB 377ms
306ms Image
image/png 2606:4700:3036::ac43:dbb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id-ransomware.malwarehunterteam.com/assets/images/ransomnotecleaner-25.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:dbb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40af293c9cbabf1f038c524c4270a81353bba3a28854475d9002ce14a2f9abc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: MISS
last-modified: Thu, 12 May 2016 22:51:24 GMT
server: cloudflare
etag: "573508ec-728"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDo4HtxOvVxVxYCBbZtkGdR5BZ3F7BgRuWIpQ4oSjsPoq3f5jDnWwfU5i6SBLKxADA5Xqbv5KSOtvg72pnY1C5OOIlyvMjHLBxBVJkOp2GOdNjxsi%2BbWqMgdmC%2B5GAcw05HKp2diMPSoP%2FDK7irYIZupoStbV8k9SYHfnDKdooKLLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc1592bea2b0f72-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1832

GET
H2 200 cryptosearch-25.png
id-ransomware.malwarehunterteam.com/assets/images/ 1 KB
2 KB 389ms
317ms Image
image/png 2606:4700:3036::ac43:dbb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id-ransomware.malwarehunterteam.com/assets/images/cryptosearch-25.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:dbb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c7b602cdbc698beb37421e105d80875a420901cb423183e52af8d1a92f4df85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Jan 2017 01:23:43 GMT
server: cloudflare
etag: "587acf1f-4d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28UZNPupiY8yfH6i1hhe2ZGh%2BXCbLW3XZy%2B%2BcZQ26vUV9wMyYhLfabs24nva0GIrPG45ulrkU52LTxLw%2FK66cZBTGobv4QfLiqdyjuZVZhcniCqE7cbykjgB6yeYEVX6jaSXQaxOoYitGyPoytCFiMLIDhALcshTQ63TWc6qyKGaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc1592bea2c0f72-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1235

GET
H2 200 photo-thumb-998576.png
www.bleepingcomputer.com/forums/uploads/profile/ 20 KB
21 KB 47ms
42ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/uploads/profile/photo-thumb-998576.png?_r=1608916358

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05be6df055c8b5772076297b0505b0a6f10463bec1c3482892bb6bb1c8326f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 92589
cf-polished: origSize=20876, status=vary_header_present
content-length: 20843
last-modified: Fri, 25 Dec 2020 17:12:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "518c-5b74d080a99fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Wed, 09 Feb 2022 20:05:07 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6854b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 txt.gif
www.bleepingcomputer.com/forums/public/style_extra/mime_types/ 203 B
331 B 48ms
43ms Image
image/gif 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/mime_types/txt.gif

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e6b6895ab9c1fab302d73906ec3259ac826ffc4a3ae743412bf8a096a33054

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2028009
cf-polished: status=not_needed
content-length: 203
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cb-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
expires: Tue, 18 Jan 2022 10:28:07 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6a54b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 zip.gif
www.bleepingcomputer.com/forums/public/style_extra/mime_types/ 203 B
499 B 47ms
42ms Image
image/gif 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/mime_types/zip.gif

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e117519c37cdc87cdba16b48751246d55d422b79e368c6a546f493fee3d7df82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 1998535
cf-polished: status=not_needed
content-length: 203
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cb-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
expires: Tue, 18 Jan 2022 18:39:21 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6c54b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 twitter.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 575 B
739 B 43ms
39ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/twitter.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 586277
cf-polished: status=not_needed
content-length: 575
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "23f-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 02:56:59 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d6e54b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 56ms
35ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcead9ad6bdb0547253732ff49bfebe4439e39f9eab3e0ffe5c0fc251afc2779

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmcdVkmKbCz3M+UgD4svmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c869e4d8638f95e82d40623cd1a12ee3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-FmcdVkmKbCz3M+UgD4svmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 11 Jan 2022 21:48:16 GMT

GET
H2 200 digg.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 357 B
471 B 45ms
40ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/digg.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33585b10bb5487bd6c92f53018de62cb147ab48b829334b7f97437015aae557

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: origSize=431, status=vary_header_present
content-length: 357
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1af-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592b8d7254b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 delicious.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 305 B
470 B 71ms
67ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/delicious.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9f912b0e7a50c12745f52ec2848dce5b779369999c6d35e6c297c713ce53d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=308, status=vary_header_present
content-length: 305
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "134-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0254b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 reddit.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 611 B
747 B 77ms
73ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/reddit.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9019adc6ec44d2cd4f38c97b8319b0ae8da8f03b3bd646d4f86707f23f8935a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=614, status=vary_header_present
content-length: 611
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "266-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0754b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 stumble.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 458 B
586 B 78ms
74ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/stumble.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2a136c594c939d55752e9abb70e6cc550b10bc3bc350c0d46d23d5947c20d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: origSize=519, status=vary_header_present
content-length: 458
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "207-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0854b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 email.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 481 B
633 B 91ms
87ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/email.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453d30f69cc2a6f3013254a0faed039d49cf9c5b004d5482fb5365e99702c149

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: origSize=530, status=vary_header_present
content-length: 481
last-modified: Thu, 04 Feb 2010 11:47:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "212-47ec4e74b3c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0a54b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 print.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 268 B
588 B 77ms
73ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/print.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeb9f7542993c71c548ac254766824ef86c68f0d6fa13f293bd016b9cfc9dc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2176806
cf-polished: origSize=409, status=vary_header_present
content-length: 268
last-modified: Fri, 30 Apr 2010 22:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "199-4857b96a96c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Sun, 16 Jan 2022 17:08:10 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0c54b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 download.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 646 B
781 B 77ms
73ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/download.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386f87a6e6fcb89c6b046f988d18def949d1cc1f6a9fa4177858aa11da7a5bda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: status=not_needed
content-length: 646
last-modified: Fri, 12 Feb 2010 14:33:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "286-47f6828485d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0d54b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 prettify.js Show response
www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/ 14 KB
7 KB 39ms
39ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/prettify.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b937537ed7f13e70dc6a69b6e9b308237cd369e11fa2a2b97a24d97d8487673e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=14551
last-modified: Wed, 29 May 2013 16:10:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"38d7-4dddda0323b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3454b8-MAN
cf-bgj: minify

GET
H2 200 lang-sql.js Show response
www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/ 2 KB
1 KB 45ms
45ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/lang-sql.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770cb6f8747e90dad261e049dfa5cf42e622dac61bcbc86ecb0a8c134228eb91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=1802
last-modified: Wed, 29 May 2013 16:10:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"70a-4dddda0323b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b7d3454b8-MAN
cf-bgj: minify

GET
H2 200 top.png
www.bleepingcomputer.com/forums/public/style_images/master/ 145 B
281 B 76ms
72ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/top.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db311c11353d5628e6e28d260bca9b8935b23440964d7c6bc4914edcda08472a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=207, status=vary_header_present
content-length: 145
last-modified: Thu, 09 Jun 2011 17:25:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cf-4a54abe32b600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe0f54b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 feed.png
www.bleepingcomputer.com/forums/public/style_images/master/ 680 B
786 B 72ms
69ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/feed.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9320021507b35e189d2190eea673cbc21f7d368f6ecbfb5dc89d773a28cd015d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036675
cf-polished: status=not_needed
content-length: 680
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2a8-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:03:41 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1154b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 lightbox.js Show response
www.bleepingcomputer.com/forums/public/js/3rd_party/ 9 KB
3 KB 48ms
43ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/3rd_party/lightbox.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9faebe5bdb9528f36d1ec5713865681bf10c7c0d1fa1b8224fc57982f45ed788

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=10227
last-modified: Sun, 15 Nov 2020 22:30:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"27f3-5b42ccd71fd03-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b7d5254b8-MAN
cf-bgj: minify

GET
H2 200 3687X620620.skimlinks.js Show response
s.skimresources.com/js/ 41 KB
15 KB 66ms
10ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/3687X620620.skimlinks.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89a09b60a60ec0e04208b6170ab7d45606ec43b2229747a04ec7976c07173785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:36:33 GMT
server: AmazonS3
x-amz-request-id: V6YF3TGNZVSJFMZ7
etag: "e936df7b4254e4cc3c977a9a690a5e41"
x-hw: 1641937696.cds144.fr8.hn,1641937696.cds284.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 15470
x-amz-id-2: IbcVBKNEFvlnHek6zpyYFpc7CXf3/TM/gxa0S9tpZ6Ss7Ml9JMOdWpIjdnEUDaReOlrrSq/knII=

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 126ms
73ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6cc1592bcc4a83a9-MXP

GET
H2 200 ips.quickpm.js Show response
www.bleepingcomputer.com/forums/public/js/ 5 KB
2 KB 41ms
41ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ips.quickpm.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34544ddb27241b3eccb8e06d7447230005e8718b463a30d9dd83d1e8bada1a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=7306
last-modified: Wed, 29 May 2013 16:10:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1c8a-4dddda0323b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3754b8-MAN
cf-bgj: minify

GET
H2 200 ips.hovercard.js Show response
www.bleepingcomputer.com/forums/public/js/ 7 KB
2 KB 42ms
42ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ips.hovercard.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e3b8f6c06d2d74cc294ee6439e67b08890587be0081249a158469ace2eaeaaf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=12576
last-modified: Wed, 29 May 2013 16:10:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3120-4dddda0323b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3954b8-MAN
cf-bgj: minify

GET
H2 200 ips.sharelinks.js Show response
www.bleepingcomputer.com/forums/public/js/ 4 KB
1 KB 36ms
36ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ips.sharelinks.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f1e90548e911e24dedcb2ca0ffee6847a49a8648e9c615bcd0582bb7c7993fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=5869
last-modified: Wed, 29 May 2013 16:10:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"16ed-4dddd9fb82900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3a54b8-MAN
cf-bgj: minify

GET
H2 200 ips.topic.js Show response
www.bleepingcomputer.com/forums/public/js/ 28 KB
7 KB 40ms
40ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ips.topic.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51f645170637f10f3eba218020318af3fff3ad8e7087db87ef607896f19a940

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=45653
last-modified: Tue, 29 Dec 2015 18:39:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b255-5280dbeb879c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3b54b8-MAN
cf-bgj: minify

GET
H2 200 ips.like.js Show response
www.bleepingcomputer.com/forums/public/js/ 4 KB
1 KB 37ms
36ms Script
application/javascript 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/js/ips.like.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=69e371100a4862c80dab2ec4c9612358&load=quickpm,hovercard,sharelinks,topic,like

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf50c94253085740a5cce42e9c14f7b897cfc384303b38a5d9d7a0ab8ea5160f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=6287
last-modified: Wed, 29 May 2013 16:10:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"188f-4dddd9fb82900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592b2c3c54b8-MAN
cf-bgj: minify

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 118 KB
45 KB 83ms
32ms Script
application/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8fa6db9c3c995edd6a33d7fd77f9dbebd342b41650d61a51c5ceae1c712b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=BzUlGg==, md5=g+w49DO2JUlgqm/GY90NGQ==
date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053816
x-guploader-uploadid: ADPycds3KAkGTLn99roST2cJdDmpTqKX3s6X-_E9gLU2DGU3d78K-KKkf4ZVBmESz99WHmA3IMMlDggZqTDhPKHynA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 30 Dec 2021 17:04:11 GMT
server: cloudflare
etag: W/"83ec38f433b6254960aa6fc663dd0d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o%2BYQBOheV6MRgcxmf6Met6JvPrD1r0Aja%2FVKSa%2B%2F7%2Fd%2FagVYPa09qmYt9nqfHPgNep2BCRyT6S3AOlHQWXoKDlkoXfXEys26NPF4mf7yufHoKF6J6Ac8jpJ3zAj0HmCCk7qIvGEjdd5PVQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1640883851137196
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 120881
cf-ray: 6cc1592c1bbb375c-MXP
expires: Thu, 30 Dec 2021 17:05:40 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 31ms
9ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:37:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 20:35:49 GMT
server: nginx/1.18.0
age: 673
etag: W/"61ddea25-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9DPcNWHAhSuvKMVHfQxw_jNuJVoVzJ7DuOP8wxvy8afYo39ABJ3zdQ==
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
expires: Tue, 11 Jan 2022 22:37:03 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 26ms
8ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-112.fra60.r.cloudfront.net

Software

nginx/1.18.0 / PHP/7.3.23

Resource Hash

586803c80f33b0b6660ddeaece4354cfb8bb4bb4bd53f44eae03fb25cbee870d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:36:46 GMT
content-encoding: br
age: 690
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
x-xss-protection: 0
access-control-allow-origin: *
last-modified: Tue, 11 Jan 2022 21:36:46 UTC
server: nginx/1.18.0
etag: W/"17c55d55f9facb07d9815b91fd22b5f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 8wVJd17OzjZFd298ObBJe32blPV0pwmPo-CuCqr1ItyUKRcrbdys4Q==
expires: Tue, 11 Jan 2022 22:36:46 GMT

GET
H2 200 ipb_print.css
www.bleepingcomputer.com/forums/public/style_css/css_7/ 3 KB
1 KB 72ms
69ms Stylesheet
text/css 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/forums/public/style_css/css_7/ipb_print.css

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd8236978dd3f165bc49566f78c460e3937e552df38787439c1ef2797c4c709

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 980
cf-polished: origSize=3158
last-modified: Mon, 16 Nov 2020 21:40:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c56-5b4403b241acc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=18000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6cc1592bbe1454b8-MAN
cf-bgj: minify

GET
H2 200 user_navigation.png
www.bleepingcomputer.com/forums/public/style_images/master/ 189 B
302 B 75ms
72ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/user_navigation.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6274abac1820c8bd99f826cf35a60aeaa56b962500486acc5665f98005031e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 586279
cf-polished: origSize=282, status=vary_header_present
content-length: 189
last-modified: Tue, 01 Mar 2011 13:54:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11a-49d6c2153a000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 02:56:57 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1354b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 advanced_search.png
www.bleepingcomputer.com/forums/public/style_images/master/ 261 B
376 B 75ms
73ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/advanced_search.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14dcce7abfc690cecd57a737a8af6fd712c2b7fec668b772d9f014f6ded77ef8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=293, status=vary_header_present
content-length: 261
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "125-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1554b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 search_icon.png
www.bleepingcomputer.com/forums/public/style_images/master/ 202 B
391 B 75ms
74ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/search_icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51f20d95dad9ea1473e4f877b5f7a7d8bcd589f1f989b8875ffddd83ae716a21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2407808
cf-polished: origSize=223, status=vary_header_present
content-length: 202
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "df-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 14 Jan 2022 00:58:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1654b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 icon_quicknav.png
www.bleepingcomputer.com/forums/public/style_images/master/ 489 B
653 B 68ms
67ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/icon_quicknav.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1731db9016f326daff11d0045c86fd068ec9e72cc4c6ec56a7c856a3a3d28c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 586279
cf-polished: status=not_needed
content-length: 489
last-modified: Fri, 01 Jul 2011 10:17:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1e9-4a6ff53f0bd80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 02:56:57 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1754b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 maintitle.png
www.bleepingcomputer.com/forums/public/style_images/master/ 192 B
328 B 40ms
40ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/maintitle.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a2c5bd701224851deca6029998517a35d091922217a90241fd0c7f244e8f11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 579548
cf-polished: origSize=295, status=vary_header_present
content-length: 192
last-modified: Tue, 01 Mar 2011 13:54:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "127-49d6c2153a000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Fri, 04 Feb 2022 04:49:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bbe1854b8-MAN
cf-bgj: imgq:85,h2pri

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/144775/ Frame 6A9D
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/144775/connatix.playspace.dc.js

1 MB
245 KB

19ms
18ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/144775/connatix.playspace.dc.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7289709ae46707bed0ee806280f219e63afaa5602ca8f1d5dd88a5b22b9c9010

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 10:54:35 GMT
age: 125489
etag: "65b40917a9105557c00c3b02f0539e01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 250323

Redirect headers

location: https://cds.connatix.com/p/144775/connatix.playspace.dc.js
date: Tue, 11 Jan 2022 21:48:16 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fb8da6b88a38c8151e5490d19f7de0ea26fd5b787f51822d153eacc109d5ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TFT4G+lAemRVbc+A3xzd9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: r7QzvKZ0J3aBG6xXtXPgYDxEOAzaCoDjsX/D1GpDgq9XxIOcbPpnKmzBBmkbXYX9kY/TmgW1zV41dK7DB0Gcfw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 06991519b6f9bb063eabf4114f4e7fce
x-frame-options: DENY
date: Tue, 11 Jan 2022 21:48:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b0923a06a28342b3659c268022faa07a"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 11 Jan 2022 21:58:05 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 148 KB
51 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587bbca8ef040bd81781b196ab4f32e75b2d88200c76caa1cebd1d71841708bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51840
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:28:27 GMT

GET
H2 200 icon_warning.png
www.bleepingcomputer.com/forums/public/style_images/master/ 268 B
430 B 40ms
40ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/icon_warning.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5028e223096a25034d4d95863f89374a4b205e86354c5e4461e00272e7fab4d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2035935
cf-polished: origSize=408, status=vary_header_present
content-length: 268
last-modified: Wed, 20 Apr 2011 21:00:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "198-4a15fea6fc080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:16:01 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592bfe9554b8-MAN
cf-bgj: imgq:100,h2pri

POST
H2 200 / Show response
r.skimresources.com/api/ 177 B
359 B 57ms
15ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

2f3a385e75367a3874df952922b3af528bca486eba047ee441ca037f1c9f685a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 5732 0
102 B 58ms
18ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5324486003200826
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 78ms
14ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.072789495195593
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 72ms
14ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.072789495195593
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 29ms
6ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 10:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Jan 2022 10:57:11 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 57ms
14ms Image
image/svg+xml 92.122.252.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.43 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 10 Feb 2022 21:48:16 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/ 5 KB
2 KB 31ms
9ms Script
application/javascript 2600:9000:2156:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5ad4fb0d40625889969083053d32ab1191e66c11bb4aebfde2643954c0f5673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 11 Jan 2022 21:47:24 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 21:51:23 GMT
server: AmazonS3
age: 95
etag: W/"2a272bfedaf02360b78846550b427698"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RKrWHPpaFgAxfL4bkXqZIP83r0vH49zyHCtFktxq4fP88ARejT1zyg==

GET
H2 200 snapback.png
www.bleepingcomputer.com/forums/public/style_images/master/ 221 B
386 B 35ms
34ms Image
image/png 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/snapback.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91fde7db8e3812710dc53a9112678498279bbe017ae00b73f057e73e90189c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2033600
cf-polished: origSize=320, status=vary_header_present
content-length: 221
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "140-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Tue, 18 Jan 2022 08:54:56 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592c8f9354b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 loading.gif
www.bleepingcomputer.com/forums/public/style_images/master/lightbox/ 2 KB
2 KB 42ms
41ms Image
image/gif 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/lightbox/loading.gif

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61da0a4638505960ec52709b7df80d92683c56e13042079daf5f082fc9548d5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2036673
cf-polished: origSize=2767, status=vary_header_present
content-length: 1588
last-modified: Thu, 18 Dec 2008 14:27:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "acf-45e52fc88de00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
expires: Tue, 18 Jan 2022 08:03:43 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592c8f9554b8-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 closelabel.gif
www.bleepingcomputer.com/forums/public/style_images/master/lightbox/ 471 B
599 B 34ms
34ms Image
image/gif 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bleepingcomputer.com/forums/public/style_images/master/lightbox/closelabel.gif

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e89beb7d66ef7d5e58dfcefd22a51e1a8ae452a49bc20d020418cf2b6c666d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
cf-cache-status: HIT
age: 2407807
cf-polished: origSize=483, status=vary_header_present
content-length: 471
last-modified: Mon, 03 May 2010 23:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1e3-485b90722ae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
expires: Fri, 14 Jan 2022 00:58:08 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6cc1592c8f9654b8-MAN
cf-bgj: imgq:85,h2pri

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 96 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b658ea546cb870312fdae60b81aad7b6497e19340962b104a86990f2a62b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33920
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:55:44 GMT

GET
H3 404 fastbutton Show response
apis.google.com/u/0/se/0/_/+1/ Frame 31A0 2 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1585
date: Tue, 11 Jan 2022 21:48:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=3fd9674c71de0874c24bc05169d5f9a7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfeeb6ccbb4ed22616faa7a705e8ee45cc4942feaee699ccd2ad421f7e4a8b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tBsIxL2Ms+XsVSijThCilA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83526
x-fb-rlafr: 0
x-fb-debug: Cy0LQ4V6dfu0Tlw/QLKEL2WjKIloqjPGeZDKWSf5+TXSnjowcprfeX7CG5VegzvkXJHrP97+aOZxlumC2tTI1g==
x-fb-content-md5: 2740a5f4e7163f47eaa22fe84627048c
x-frame-options: DENY
date: Tue, 11 Jan 2022 21:48:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6a6b7ce7006de21e27780baee816d9ac"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 20:07:38 GMT

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
346 B 16ms
16ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 21:48:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H2 200 init Show response
d.pub.network/v2/ 63 KB
6 KB 139ms
122ms XHR
application/json 35.201.71.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.71.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 153b32597d4a71920b51fcb362e0e3df7cb2a4426ae5b3f5f3ed8432004aefe1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 39 KB
8 KB 55ms
49ms XHR
application/json 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&charset=windows-1252&ch=21&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=60109035
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 3afbbf882bdecc90b8dc8f0d0549daf6f1558c9efcd8b93bfa40d90c0c29d995

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P2
x-powered-by: PHP/7.3.23
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://www.bleepingcomputer.com
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/json; charset=windows-1252
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 3Tzs4LvmqZsXWhzizrDotnu3AM5TevdzArynfCTizO3n2IEtxHAfJA==
expires: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 28ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 18 Jan 2022 21:48:16 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 10ms
9ms Script
text/javascript 2600:9000:2156:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:47:46 GMT
content-encoding: br
age: 58
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LDEYwOB15Johuzi7RSYiNzsP7a27QCpdYf5kTvbxcjKckKWj97EWaA==

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame E451 566 B
858 B 43ms
19ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20f3f071ba5d3d01fbde346d00b98b0f1a0b6efc65c1e560eb1dc97c2d57fcae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KcOUCtuTZAlZUc6ORhOR2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Jan 2022 21:48:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-KcOUCtuTZAlZUc6ORhOR2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 31A0 3 KB
4 KB 38ms
15ms Image
image/png 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 11 Jan 2022 21:48:16 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 115ms
101ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=942111685863795&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3fd9674c71de0874c24bc05169d5f9a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: roHKKD2AOmKM+ji3BARE+JsnbpoiXrfTKuFXbPpX1kFE8k05dVAk8R+z5MNt+vNyn6a1hefw3jZkpUMk9CbkIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 11 Jan 2022 21:48:16 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 26ms
9ms XHR
application/json 2600:9000:2156:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 027676eca49ffe2ee0b1e8181e64d4845cb710d6f88d345ebe581e613a8634cb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 03:01:39 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 67598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 11 Jan 2022 03:01:37 GMT
server: AmazonS3
etag: W/"966c89f030adf695e8e9e0c5554977f6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lZySzrtbvbFDkZ4jUIFt5MZyWJMxxEGcCU4FlWJ0EhDP5nd99GRC4g==

GET
H2 200 rules-p-sktb670LZWvFX.js Show response
rules.quantcount.com/ 2 B
345 B 33ms
10ms Script
application/javascript 2600:9000:2315:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-sktb670LZWvFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:21:06 GMT
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server: AmazonS3
age: 1630
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P2
content-length: 2
x-amz-cf-id: 4OcnzEyGFAyq2J4U9BDNZYrUiL_tpIRt1McjY048FabQTydAywab7A==

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 112 KB
43 KB 263ms
39ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5f21621d88466412dcfaede8f939764baeefc127da15b1f9c26875645fb779ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 21:48:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 21:56:41 GMT
Server: Apache
ETag: "1be2f-5d541695f5840"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache, max-age=0
Connection: close
Accept-Ranges: bytes
Content-Length: 43649
X-XSS-Protection: 1; mode=block

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/144775/ 96 KB
13 KB 17ms
17ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/144775/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 10:54:35 GMT
age: 125489
etag: "9c60cef97473b19be4f331527d232d62"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13487

GET
H2 200 3087399934-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame E451 10 KB
5 KB 487ms
118ms Script
text/javascript 2a00:1450:4019:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3087399934-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:07:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 06:51:32 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame E451 13 KB
5 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa29d1df34f28ec237bf79348805f48a266b64ffbd8f335f48b69bfd9366614

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z7E76SBfGfntWbSq8aTaXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "5f192fb73491a82f56e9fa48938a34cf"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-z7E76SBfGfntWbSq8aTaXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 11 Jan 2022 21:48:16 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 143ms
6ms XHR
application/json 2600:9000:225e:fa00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:fa00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 03:00:34 GMT
content-encoding: br
age: 67664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 19:52:29 GMT
server: AmazonS3
etag: W/"fe8c8b5e209e644733d0f8409ab6b3e6"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: zCrQHiuNw31hrghkNyGCtDjPASEg7Q_.
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: y4KAs8txKyCv-k3kSoq9JLGHFpviz5JHpP4HxPKExZcGytAuVejj_A==

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 6A9D 1 KB
1 KB 137ms
136ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=144775
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 88cce58d273e66b4fe3ef3dc9fcc45ef979b751e4ed389094b74c8e89c7e6216

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1641937697.982959,VS0,VE117
x-served-by: cache-mxp6960-MXP
vary: Accept-Encoding
x-cache: MISS
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 974
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 300 KB
35 KB 9ms
8ms XHR
application/json 2600:9000:2156:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8845dfbc0e20f22fc59d875d267c2d1bdb41b59c7e0f04807ea7ca4c44f7880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 67663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 11 Jan 2022 03:00:32 GMT
server: AmazonS3
etag: W/"5cadc9e0e7cb78fa03d2d312211c7243"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: X3V8fFLQ_GZ-3ZpvK_pDOqQIs6AiqgtljHDq7t63e6ORHgLNZQOVMQ==

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 42ms
7ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:58:17 GMT
content-encoding: gzip
age: 3000
x-guploader-uploadid: ADPycdvKWCEzQNGxYXcWz-xky12V4041XCunQNfTD6fqtKkJyPSb2NDqzLaPVk5zR3gdqyfHbnmpLoWV7D4SrRBtCAs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 42ms
8ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 04:58:06 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 60612
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 3OnS9TOK2-R5Y2in4qXvlL8bOFzx4geKmXcF0C0TcHgqOTC3SxXMhw==

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
124 KB 19ms
19ms Script
text/javascript 2600:9000:2156:3800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 10:41:50 GMT
content-encoding: br
age: 126387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ykxPZQeSny_5rJZ-tob3UMI-gOzM0GnZ7A0WvLjrKk6gVQkh2JnA5g==

POST
H2 200 sr Show response
capi.connatix.com/tr/ Frame 6A9D 0
81 B 123ms
123ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=144775
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1641937697.132685,VS0,VE108
x-served-by: cache-mxp6960-MXP
vary: Accept-Encoding
x-cache: MISS
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 48ms
22ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

6289566050a86a1ddb8cbf100a78ea80f2853599204f5f2882e9bc1d8d00ccc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27087
x-xss-protection: 0
server: sffe
etag: "1099 / 14 of 1000 / last-modified: 1641921726"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jan 2022 21:48:17 GMT

GET
H2 200 a63ed9e9-8fb4-45a0-bdbc-4ccc8efabf02.bin Show response
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 6A9D 2 KB
1 KB 55ms
16ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/a63ed9e9-8fb4-45a0-bdbc-4ccc8efabf02.bin?playerId=067e5169-ece3-4ce8-87ad-c7961b8bb396
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee8f7905092bf6469b0c386a948e74e4d3e3c71e4742d6d841295312766d4afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 20:26:54 GMT
age: 4766
etag: "e091824e4b458748f755155316af0813"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 790

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6A9D 377 KB
125 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127290
x-xss-protection: 0
expires: Tue, 11 Jan 2022 21:48:17 GMT

GET
H2 200 1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 10 KB
10 KB 20ms
20ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 483965
etag: "o7hSHwAUmCBIixIgiGzuW02nJNU8oGEvPnjWp++AQj4"
access-control-max-age: 86400
fastly-io-info: ifsz=11996 idim=794x206 ifmt=png ofsz=9784 odim=794x206 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 9610

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Suppor...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Suppo...

0
224 B

9ms
8ms

Image
text/plain

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Support&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&c9=
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: gk0w5ciU9xOwzjWSH7AWClqeRUFJJm1RPrRIxrWOECSCL8OdAo1pEg==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 11 Jan 2022 21:48:17 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1641937697180&ns_c=windows-1252&cv=3.5&c8=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Support&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&c9=
content-length: 335
x-amz-cf-id: XWE6sIi5lWOQf5Hi9dqTFFFxrFC60UgvmQAqjKWvL1nbrfQrpSvvrQ==

GET
H3 200 pubads_impl_2022010407.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 31ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120967
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jan 2022 21:48:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 213 B
150 B 41ms
27ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125
x-xss-protection: 0
expires: Tue, 11 Jan 2022 21:48:17 GMT

POST
H2 200 ao Show response
capi.connatix.com/tr/ Frame 6A9D 0
249 B 128ms
128ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=144775
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1641937697.236213,VS0,VE111
x-served-by: cache-mxp6960-MXP
vary: Accept-Encoding
x-cache: MISS
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 514171 Show response
vid.springserve.com/vast/ Frame 6A9D 2 KB
2 KB 112ms
39ms XHR
application/xml 34.243.159.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.159.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-159-23.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5a82306a04a7272ebb873bdbaa91eae19c0362734f668d0bd962a4cd30d564eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Tue, 11 Jan 2022 21:48:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

POST
H2 200 ps Show response
capi.connatix.com/tr/ Frame 6A9D 0
81 B 448ms
447ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=144775
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1641937697.240785,VS0,VE430
x-served-by: cache-mxp6960-MXP
vary: Accept-Encoding
x-cache: MISS
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 c75453aa-70df-4aa9-9041-1986cd2c74d8.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 7 KB
6 KB 19ms
18ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/c75453aa-70df-4aa9-9041-1986cd2c74d8.jpg?crop=700:466,smart&width=700&height=466&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 63fd88f718ac0fb21b49ca1ebecb0afe5b3429c38036238a8b8a86b41b40727d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4793
etag: "vaBf1Yge/QTXaKFy16MJ9hPY/C1ONlpRgJDFumxSVDo"
access-control-max-age: 86400
fastly-io-info: ifsz=26652 idim=1600x802 ifmt=jpeg ofsz=6815 odim=700x466 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5769

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
505 B 24ms
6ms XHR
text/html 18.66.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22sktb670LZWvFX%22%2C%22domain%22%3A%22www.bleepingcomputer.com%22%2C%22publisher%22%3A%22BleepingComputer%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22QejiQDikjMDrMVyfjnFdmQ%22%2C%22clientTimestamp%22%3A1641937697268%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ud62jbo27fl5cne7bqq8%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 04:46:26 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
age: 61840
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: aQDmnvh7K2uXDsCOZnYL6Cpao6GPgH2J6SRzC4zwj5yAfQr22Gdaig==

GET
H2 200 c75453aa-70df-4aa9-9041-1986cd2c74d8.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 6 KB
5 KB 20ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/c75453aa-70df-4aa9-9041-1986cd2c74d8.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0c0d9b9fe4b60d32bdc1338efe2ecb617e8c0ac93eafab0ef85410afed23dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4792
etag: "SvHkgDyP9DsV0BW5BhidVhWtqnFEtqTw+OMEIO1JD30"
access-control-max-age: 86400
fastly-io-info: ifsz=26652 idim=1600x802 ifmt=jpeg ofsz=5918 odim=700x394 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5147

GET
H2 200 a1dfd742-8b42-4fb1-a803-2f064e77a96c.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 28 KB
28 KB 21ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/a1dfd742-8b42-4fb1-a803-2f064e77a96c.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a12d8b2945daaab7df6ae4dd9bb6618497c0d3f376b826301b65c43c8c5e9174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4792
etag: "lH6ARxpLimKdqKhT3ZBGHKqgkXp0brsfrfMUjg9F078"
access-control-max-age: 86400
fastly-io-info: ifsz=141890 idim=1600x900 ifmt=jpeg ofsz=28427 odim=700x394 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 28052

GET
H2 200 7bd945b4-2ad6-4838-9459-c61529da761c.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 26 KB
26 KB 22ms
21ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/7bd945b4-2ad6-4838-9459-c61529da761c.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0a565b583be1ca20348aadda75eefa50ab0225dc7490d963468c0ce2ae12097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4792
etag: "uRFtF8CBdohIaGoZmyx7Sgu0Q2kyWyPj2+Ag7rYEvhA"
access-control-max-age: 86400
fastly-io-info: ifsz=198376 idim=1600x801 ifmt=jpeg ofsz=26788 odim=700x394 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361

GET
H2 200 3183e2e1-e0ca-4f43-8695-fff6419ada0b.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 6 KB
4 KB 23ms
23ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/3183e2e1-e0ca-4f43-8695-fff6419ada0b.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bc2c26426fa2895419e8899f7fd6fdde15d6a58af4c62fcaa10fe1547ee067aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4792
etag: "C8yOaLiCUWA0GfLiMfz3tRpEGrWd382cdVMXGoyR6pA"
access-control-max-age: 86400
fastly-io-info: ifsz=25239 idim=1600x900 ifmt=jpeg ofsz=5767 odim=700x394 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3511

GET
H2 200 0574ad75-e2ed-434d-8998-c5a6cae6d9d2.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 22 KB
22 KB 24ms
24ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/0574ad75-e2ed-434d-8998-c5a6cae6d9d2.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a06791f009f0e44ae3af26b33c4af9c61948d550271956a7dbc2014fdf72c463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: br
age: 4792
etag: "Qqdys0oD4AFMFD8Qe/MOKQPjGuOJj+D9gRki573170k"
access-control-max-age: 86400
fastly-io-info: ifsz=125330 idim=1600x900 ifmt=jpeg ofsz=22466 odim=700x394 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 22097

GET
H2 200 bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 7 KB
7 KB 41ms
40ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57292d9d8c895f526c9f7cdae30de7ee3bad46137b432711a1c1fb19a3061cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527787
cf-polished: origFmt=png, origSize=15281
content-disposition: inline; filename="bleeping-computerlogo-lg.webp"
content-length: 6986
last-modified: Wed, 07 Jan 2015 22:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey707I4ZNXf%2F0cmkSduvfZDUhDClsJ7uCOXX89ZDVyY61dDDm6%2FiDPipuZYi09yhR6V6qM2ot8VHiGINFz582cZIwDtwN5GqvxkguDus5UaRdak75eVAYXa5J471DuvYjCaTdPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 19:11:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cc159307a49e597-MAN
cf-bgj: imgq:85,h2pri

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6CD0 601 KB
195 KB 25ms
9ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
date: Fri, 07 Jan 2022 20:29:48 GMT
expires: Sat, 07 Jan 2023 20:29:48 GMT
last-modified: Fri, 07 Jan 2022 20:25:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 350309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6A9D 44 KB
17 KB 126ms
101ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jan 2022 21:48:17 GMT

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame E8C3 601 KB
195 KB 9ms
8ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
date: Fri, 07 Jan 2022 20:29:48 GMT
expires: Sat, 07 Jan 2023 20:29:48 GMT
last-modified: Fri, 07 Jan 2022 20:25:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 350309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame AD6E 601 KB
195 KB 15ms
14ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
date: Fri, 07 Jan 2022 20:29:48 GMT
expires: Sat, 07 Jan 2023 20:29:48 GMT
last-modified: Fri, 07 Jan 2022 20:25:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 350309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame BEA4 495 KB
87 KB 28ms
8ms Script
application/javascript 2600:9000:2240:4e00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4e00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 1912589
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -CWZ3cTYo97o1QYDaXVNUIJbUTvYzIRf460rd7tb-cmS83Z5nCCsHg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 495ms
120ms Script
text/javascript 2a00:1450:4019:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1588
date: Tue, 11 Jan 2022 21:21:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 11 Jan 2022 23:21:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame E451 51 KB
18 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc03db6521f41a4f4907bcbd066d04ac91ad8d2c057b77bb3fd88641ccd6897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18301
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:55:44 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9C03 37 KB
13 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jan 2022 21:56:34 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9D1C 37 KB
13 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jan 2022 21:56:34 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 04DB 37 KB
13 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jan 2022 21:56:34 GMT

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 21 B
454 B 138ms
46ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

556ee8a8380b60437747eab7c0dc7a25da85cfb45c687ea33ca5e90651ca7ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 11 Jan 2022 21:48:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 41
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BEA4 159 B
845 B 303ms
19ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4f131ceb884592507c0c11cf9b782e4011157277b88111c7afb7aa587365a3c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 11 Jan 2022 21:48:17 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5debb664-9fef-49db-b626-227e4ec3681b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BEA4 0
122 B 297ms
14ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Tue, 11 Jan 2022 21:48:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame BEA4 0
225 B 504ms
219ms XHR
application/json 3.123.168.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.168.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-168-197.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame BEA4 0
225 B 503ms
218ms XHR
application/json 3.123.168.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.168.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-168-197.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g= Show response
ads.adaptv.advertising.com/a/h/ Frame BEA4 2 KB
1 KB 10ms
10ms XHR
text/xml 3.123.168.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641937697321&gdpr=1&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.168.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-168-197.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

bc0c02eebcdb99c227375db6c621dfdf73b993dfb8c36b07cd5f180db0dba15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 955
expires: 0

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 3829 15 KB
7 KB 97ms
32ms Script
application/javascript 108.128.226.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&pblob=
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.226.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-226-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 16e6f710b5b95747cc992e5292cadbf6a826218743bede4e05b3c2b48c786af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6640

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 469ms
235ms XHR
text/plain 2a00:1450:4019:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1133922037&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&ul=en-us&de=windows-1252&dt=AvosLocker%20Ransomware%20(.avos)%20Support%20Topic%20-%20Ransomware%20Help%20%26%20Tech%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=738740921&gjid=1915599931&cid=66434822.1641937698&tid=UA-91740-1&_gid=996366764.1641937698&_r=1&gtm=2ou1a0&z=1449457499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 21:48:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame A5B7 48 KB
15 KB 233ms
224ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=942111685863795&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2daa739b22b4fc%26domain%3Dwww.bleepingcomputer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bleepingcomputer.com%252Ffa911becc7f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3fd9674c71de0874c24bc05169d5f9a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fc8c5259f732bb84bd1e5a5e7d59018a824a9d6fc9f7414ef8daf09f6d66fe7

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: av+rrmV9/kcne1BgJ2uoXa3GC9stJ4h4oUjSO/G36fWZBDMjnyA1tyOrL7sRi60QGaF0wa9k+8uUQ8WkS3p3bQ==
date: Tue, 11 Jan 2022 21:48:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

POST
H2 200 rum Show response
www.bleepingcomputer.com/cdn-cgi/ 0
252 B 82ms
81ms XHR
text/plain 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/forums/t/754311/avoslocker-ransomware-avos-support-topic/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6cc15935c90354b8-MAN
vary: Origin

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/ Frame 3829 319 KB
103 KB 170ms
20ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 05 Jan 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524303
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
vary: Accept-Encoding
content-length: 104909
x-amz-id-2: fOF4IDhDdBYEsPu3dYT7ndg/R2Ck1dXE7sXlQgGS0DVytirbpYesrIWLnqckbC6O6QbXrEmJ+VY=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Oct 2021 12:07:18 GMT
server: ATS
etag: "ad866575d644f8b5c5d7a56ff730d7e3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: CVANDVE143XTW1RQ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 3829 43 B
246 B 24ms
8ms Image
image/gif 54.93.147.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=603d9102810cd10001d1d12f&s=true&pv=10.2.82&ifr=true&cb=0.5290671085904164&pt=o2unit&sid=a7f92b84-119b-4fc5-891c-4fb34229867b&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.147.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-147-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Tue, 11 Jan 2022 21:48:18 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A5B7 400 B
824 B 8ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=942111685863795&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2daa739b22b4fc%26domain%3Dwww.bleepingcomputer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bleepingcomputer.com%252Ffa911becc7f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: yYbHUV6khPUC2TLhTkkL7RGWwRJ7QT/m817iaJGcHgZm6gVBl7ZC9r05TH0h636EsBCL/NNpMn7HGXqa05v4cQ==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 04 Jan 2023 17:07:08 GMT

GET
H2 200 yeDV_yBDjcV.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/ Frame A5B7 518 KB
136 KB 24ms
9ms XHR
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/yeDV_yBDjcV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dVkFVvKRO2+iaAFL3ep6NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 138557
x-fb-rlafr: 0
x-fb-debug: m5xdCuvZFBAr7MQplPtozJJ4NetVMJvib5ygCaeHzT9Mc82EkBEccxCYn7EbJ62Q1CHNyRY7THG0cKcH+H/yZg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 07 Jan 2023 19:15:29 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame BEA4 133 KB
44 KB 44ms
8ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 63D3DB90A4C1C423
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33201
accept-ranges: bytes
content-length: 44266
x-amz-id-2: CNYiFOjpiAoSYzPONR3EVoPnvWEpYOgKCXK7sVCgt07HFuYdeykdlzyO3Bi4FWBHYtMoxRr7aVE=

GET
H/1.1 200
OK VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 3829 249 B
0 424ms
424ms XHR
text/xml 3.123.168.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641937697321&gdpr=1&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=394&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=700

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.168.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-168-197.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 3829 43 B
245 B 9ms
9ms Image
image/gif 54.93.147.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&s=true&sid=a7f92b84-119b-4fc5-891c-4fb34229867b&vvuid=e4194bea-9a7b-4b20-9dda-e9cccf9b93ea&orgId=28949&plcid=1279691&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&ab=0&dt=277&h=394&spaceid=793604934&w=700&cb=0.3114556452290749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.147.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-147-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Tue, 11 Jan 2022 21:48:18 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 3829 43 B
245 B 9ms
9ms Image
image/gif 54.93.147.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&s=true&sid=a7f92b84-119b-4fc5-891c-4fb34229867b&vvuid=e4194bea-9a7b-4b20-9dda-e9cccf9b93ea&orgId=28949&plcid=1279691&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&cb=0.8277002605268609
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.147.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-147-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Tue, 11 Jan 2022 21:48:18 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 3829 43 B
245 B 8ms
8ms Image
image/gif 54.93.147.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&s=true&sid=a7f92b84-119b-4fc5-891c-4fb34229867b&vvuid=e4194bea-9a7b-4b20-9dda-e9cccf9b93ea&orgId=28949&plcid=1279691&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=700&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&h=394&cb=0.4688367714884796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.147.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-147-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 21:48:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.21.3
content-type: image/gif
content-length: 43
expires: Tue, 11 Jan 2022 21:48:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
10ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1641937698589&de=966862929912&d=277%3A-%3A-%3A-&bo=bleepingcomputer.com&bd=bleepingcomputer.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 21:48:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jan 2022 21:48:18 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame 3829 0
0

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame BEA4 6 KB
1 KB 177ms
100ms XHR
application/json 52.17.74.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=781cd51e-d7fd-4ba5-8a84-3276078658a8-s.514171-d.528021-dc.132380&aid=962&det_d=www.bleepingcomputer.com&det_w=700
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.74.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-74-22.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 61a37242802ca840c4ba5229c300079bfc194e7e45d7a8dc18c3cfc68490943f

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Tue, 11 Jan 2022 21:48:19 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 8A15 174 B
680 B 43ms
16ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&owner=P%26G&bp_id=freestar

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

f641cc76ff21da5e099fdc63dcba705db3e2db2786649d01ce1a81e81f780cce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/

Response headers

date: Tue, 11 Jan 2022 21:48:19 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 174
via: 1.1 google
alt-svc: clear

GET
H2 200 627448 Show response
vid.springserve.com/vast/ Frame BEA4 22 B
219 B 31ms
30ms XHR
application/xml 34.243.159.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/627448?w=640&h=480&cb=2874338192137&url=bleepingcomputer.com&ip=217.64.151.9&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&dnt=&gdpr_consent=&gdpr=1&us_privacy=&schain=&ip=217.64.151.9&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&lat=51.2993&lon=9.491&dnt=&desc=&ic=&dur=&ap=&app_bundle=&app_name=&app_store_url=&inv_partner_domain=&vid=&min_dur=&max_dur=&mute=&placement=&skip=&prodq=&content_id=&content_episode=&content_title=&content_series=&content_season=&content_genre=&content_livestream=&content_producer_name=&rating=&channel_name=&language=&network_name=&did=&pp=%7B%7BPRICE_PAID%7D%7D&device_make=Google&device_model=Chrome&brand_name=Google&country=DE&ifa_type=&gdpr_consent=&gdpr=1&us_privacy=&payid=a24eb6%3A1224&schain=&coppa=&lmt=&omidpn=%7B%7BOMID_PN%7D%7D&omidpv=%7B%7BOMID_PV%7D%7D&_bchc=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.159.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-159-23.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Tue, 11 Jan 2022 21:48:19 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8A15 70 B
265 B 123ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c78b7ece-12f5-41d1-8de0-c3f13da74184&gdpr=1&gdpr_consent=
Requested by: Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&owner=P%26G&bp_id=freestar
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 21:48:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame BEA4 0
123 B 109ms
30ms XHR
text/plain 54.229.115.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=781cd51e&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.115.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-115-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Tue, 11 Jan 2022 21:48:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

POST abt
capi.connatix.com/tr/ Frame 6A9D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&s=true&sid=a7f92b84-119b-4fc5-891c-4fb34229867b&vvuid=e4194bea-9a7b-4b20-9dda-e9cccf9b93ea&orgId=28949&plcid=1279691&vrid=16329b3f-122b-4320-92d7-1e8a094d87c2&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=700&aert=432&ar=no&fo=0&ft=0&h=394&cb=0.03823347490193929

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/abt?v=144775

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: 65cfe70064b730e97765f7d15c4b29fe
.google.com/	1970-01-20 04:29:08	Name: NID Value: 511=oYv6Ex2DCBAE-7_sWMcMGQHel4lRPYv9qt-Az7FldWZYVjJXPk-FYpt4C_rX5ubDgKtT1DCChfdvY3lgdI8XTkCYxlydBphnzmwHeKg-srfvhjH6P7DlYhw-H7-XpYW3vhxC4EFYruzHhXD_V5uxtnDkJSjJmntXAJ_UtltCN7A
www.bleepingcomputer.com/	1969-12-31 23:59:59	Name: fsbotchecked Value: true
.scorecardresearch.com/	1970-01-20 17:22:25	Name: UID Value: 1XWE6SII5LWOQF5HI9DQTFg1641937697
.springserve.com/	1970-01-20 08:49:47	Name: ssid Value: df718317-aea7-487f-bb91-2ca18cd76aaf
.springserve.com/	1970-01-20 08:49:47	Name: sst Value: 1641937697321
.bleepingcomputer.com/	1970-01-20 17:36:49	Name: _ga Value: GA1.2.66434822.1641937698
.bleepingcomputer.com/	1970-01-20 00:07:04	Name: _gid Value: GA1.2.996366764.1641937698
.bleepingcomputer.com/	1970-01-20 00:05:37	Name: _gat_gtag_UA_91740_1 Value: 1
.tapad.com/	1970-01-20 01:32:01	Name: TapAd_TS Value: 1641937699144
.tapad.com/	1970-01-20 01:32:01	Name: TapAd_DID Value: c78b7ece-12f5-41d1-8de0-c3f13da74184

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F754311%2Favoslocker-ransomware-avos-support-topic%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1641937696723&_gfid=I0_1641937696723&parent=https%3A%2F%2Fwww.bleepingcomputer.com&pfname=&rpctoken=10940907 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
accounts.google.com
acds.prod.vidible.tv
ad.doubleclick.net
ads.adaptv.advertising.com
apis.google.com
audit-tcfv2.quantcast.mgr.consensu.org
bc-ssb-dub.springserve.com
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.firstimpression.io
cds.connatix.com
connect.facebook.net
d.pub.network
ecdn.analysis.fi
ecdn.firstimpression.io
hbopenbid.pubmatic.com
ib.adnxs.com
id-ransomware.malwarehunterteam.com
imasdk.googleapis.com
img.connatix.com
match.adsrvr.org
p.skimresources.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
px.moatads.com
quantcast.mgr.consensu.org
r.skimresources.com
rules.quantcount.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.cloudflareinsights.com
static.xx.fbcdn.net
t.skimresources.com
tag.escalated.io
test.quantcast.mgr.consensu.org
trk.vidible.tv
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
vpaid.springserve.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
z.moatads.com
capi.connatix.com
trk.vidible.tv
104.20.60.209
108.128.226.193
13.32.121.21
142.250.184.198
142.250.184.226
143.204.98.123
15.197.193.217
151.101.2.137
151.139.128.11
172.67.75.139
18.66.122.112
18.66.97.68
185.33.221.90
185.64.189.112
2.21.143.57
2600:9000:2156:3800:9:46dc:4700:93a1
2600:9000:2240:4e00:15:6f6c:b180:93a1
2600:9000:225e:fa00:3:a4cd:8380:93a1
2600:9000:2315:7200:6:44e3:f8c0:93a1
2606:4700:20::681a:8b
2606:4700:3036::ac43:dbb1
2606:4700::6810:5f41
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7000
2a00:1450:4001:810::200d
2a00:1450:4001:811::2006
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a00:1450:4019:80a::2008
2a00:1450:4019:80c::200e
2a00:1450:4019:80d::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.168.197
34.243.159.23
35.190.59.101
35.190.91.160
35.201.67.47
35.201.71.192
35.227.248.159
35.241.45.217
52.17.74.22
54.229.115.186
54.78.253.158
54.93.147.121
92.122.252.43
027676eca49ffe2ee0b1e8181e64d4845cb710d6f88d345ebe581e613a8634cb
05b658ea546cb870312fdae60b81aad7b6497e19340962b104a86990f2a62b90
0e2a136c594c939d55752e9abb70e6cc550b10bc3bc350c0d46d23d5947c20d1
0f1e90548e911e24dedcb2ca0ffee6847a49a8648e9c615bcd0582bb7c7993fd
0fb8da6b88a38c8151e5490d19f7de0ea26fd5b787f51822d153eacc109d5ab6
14dcce7abfc690cecd57a737a8af6fd712c2b7fec668b772d9f014f6ded77ef8
153b32597d4a71920b51fcb362e0e3df7cb2a4426ae5b3f5f3ed8432004aefe1
16e6f710b5b95747cc992e5292cadbf6a826218743bede4e05b3c2b48c786af0
1f8fa6db9c3c995edd6a33d7fd77f9dbebd342b41650d61a51c5ceae1c712b96
20f3f071ba5d3d01fbde346d00b98b0f1a0b6efc65c1e560eb1dc97c2d57fcae
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
28d4e8c1043164607dcdeb358e2a08c9565fe286ceeeabea79e67f8c680187e7
2a10fb2699752353ba3f55bdb022589d690843ebbbf9f3b80789f2a57010475e
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2f3a385e75367a3874df952922b3af528bca486eba047ee441ca037f1c9f685a
386f87a6e6fcb89c6b046f988d18def949d1cc1f6a9fa4177858aa11da7a5bda
3aa29d1df34f28ec237bf79348805f48a266b64ffbd8f335f48b69bfd9366614
3afbbf882bdecc90b8dc8f0d0549daf6f1558c9efcd8b93bfa40d90c0c29d995
3e3b8f6c06d2d74cc294ee6439e67b08890587be0081249a158469ace2eaeaaf
3e6274abac1820c8bd99f826cf35a60aeaa56b962500486acc5665f98005031e
3e89beb7d66ef7d5e58dfcefd22a51e1a8ae452a49bc20d020418cf2b6c666d0
3f9080d2b8eae31a4cb5058bfb62c2202b95181a3d71fbd0ae90b1fc8cbdafed
3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f
3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c
40aee4def6f2c1c3e46ddf1637b4132ddf7aed7394bed07ced7151481cb8ff60
40af293c9cbabf1f038c524c4270a81353bba3a28854475d9002ce14a2f9abc7
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453d30f69cc2a6f3013254a0faed039d49cf9c5b004d5482fb5365e99702c149
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4b9f912b0e7a50c12745f52ec2848dce5b779369999c6d35e6c297c713ce53d3
4f131ceb884592507c0c11cf9b782e4011157277b88111c7afb7aa587365a3c4
5028e223096a25034d4d95863f89374a4b205e86354c5e4461e00272e7fab4d9
50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf
51f20d95dad9ea1473e4f877b5f7a7d8bcd589f1f989b8875ffddd83ae716a21
556ee8a8380b60437747eab7c0dc7a25da85cfb45c687ea33ca5e90651ca7ed5
57292d9d8c895f526c9f7cdae30de7ee3bad46137b432711a1c1fb19a3061cab
586803c80f33b0b6660ddeaece4354cfb8bb4bb4bd53f44eae03fb25cbee870d
587bbca8ef040bd81781b196ab4f32e75b2d88200c76caa1cebd1d71841708bf
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
59e6b6895ab9c1fab302d73906ec3259ac826ffc4a3ae743412bf8a096a33054
5a82306a04a7272ebb873bdbaa91eae19c0362734f668d0bd962a4cd30d564eb
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f21621d88466412dcfaede8f939764baeefc127da15b1f9c26875645fb779ca
61a37242802ca840c4ba5229c300079bfc194e7e45d7a8dc18c3cfc68490943f
61da0a4638505960ec52709b7df80d92683c56e13042079daf5f082fc9548d5e
6289566050a86a1ddb8cbf100a78ea80f2853599204f5f2882e9bc1d8d00ccc3
63e2dfceaeeb7e8b933fa7fe96048fac66ad3fab6ab270b8e4a28ce02c1b73ab
63fd88f718ac0fb21b49ca1ebecb0afe5b3429c38036238a8b8a86b41b40727d
6aeb9f7542993c71c548ac254766824ef86c68f0d6fa13f293bd016b9cfc9dc6
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eeb3829a89d21a2c0e9b954799f235f75241ca089137b88602721a259d4b616
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
7289709ae46707bed0ee806280f219e63afaa5602ca8f1d5dd88a5b22b9c9010
770cb6f8747e90dad261e049dfa5cf42e622dac61bcbc86ecb0a8c134228eb91
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7c7b602cdbc698beb37421e105d80875a420901cb423183e52af8d1a92f4df85
7fc8c5259f732bb84bd1e5a5e7d59018a824a9d6fc9f7414ef8daf09f6d66fe7
85a2c5bd701224851deca6029998517a35d091922217a90241fd0c7f244e8f11
88cce58d273e66b4fe3ef3dc9fcc45ef979b751e4ed389094b74c8e89c7e6216
89a09b60a60ec0e04208b6170ab7d45606ec43b2229747a04ec7976c07173785
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7ad438c88cd0653af6066d4c148e00824961112a865f9611e258b9f3cc0981
9019adc6ec44d2cd4f38c97b8319b0ae8da8f03b3bd646d4f86707f23f8935a0
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
9320021507b35e189d2190eea673cbc21f7d368f6ecbfb5dc89d773a28cd015d
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9e5a1148e6ba00dec0218671857bc04820e1a4628a6de00a659ece715a6ed2f6
9faebe5bdb9528f36d1ec5713865681bf10c7c0d1fa1b8224fc57982f45ed788
a06791f009f0e44ae3af26b33c4af9c61948d550271956a7dbc2014fdf72c463
a0c0d9b9fe4b60d32bdc1338efe2ecb617e8c0ac93eafab0ef85410afed23dfc
a12d8b2945daaab7df6ae4dd9bb6618497c0d3f376b826301b65c43c8c5e9174
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a51f645170637f10f3eba218020318af3fff3ad8e7087db87ef607896f19a940
a5ad4fb0d40625889969083053d32ab1191e66c11bb4aebfde2643954c0f5673
a9f3bcb19c0bd5c65610479456e6725269fff54283881bdee75052d68e6c8def
abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
b5165d19aef58031fc6b041bd5da0943348bd4f5723baac625504963ef9a2a09
b937537ed7f13e70dc6a69b6e9b308237cd369e11fa2a2b97a24d97d8487673e
bc0c02eebcdb99c227375db6c621dfdf73b993dfb8c36b07cd5f180db0dba15f
bc2c26426fa2895419e8899f7fd6fdde15d6a58af4c62fcaa10fe1547ee067aa
be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5
bf50c94253085740a5cce42e9c14f7b897cfc384303b38a5d9d7a0ab8ea5160f
bfd753d445592a633d4e3b8f74fe6e4ca85ab95a1f0b2fc00f11afeaaeed8194
c05be6df055c8b5772076297b0505b0a6f10463bec1c3482892bb6bb1c8326f7
c2a0ed3ea5aebdf80781e96b0e677656f9db72ea592b679299953852fef84b02
c7451690fed2a104bf6ff86e5ab0b3a7d8393d26a859a4bad6ba81b1d7aa339d
cbd8236978dd3f165bc49566f78c460e3937e552df38787439c1ef2797c4c709
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a565b583be1ca20348aadda75eefa50ab0225dc7490d963468c0ce2ae12097
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11e31e4a1d2b7528c066ca3c849a95e53a53538440a5d72c18bf9f9ee84ce9e
d1731db9016f326daff11d0045c86fd068ec9e72cc4c6ec56a7c856a3a3d28c7
d1832b7da0292ab076dfe046f8b1c2d5fcfd1bfb5628b7e21a3754a20308aa57
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
d813e6becda7ebe8b6bf1a54e7b83aa2a2551dc41bf4f07877834984a293958e
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db311c11353d5628e6e28d260bca9b8935b23440964d7c6bc4914edcda08472a
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfeeb6ccbb4ed22616faa7a705e8ee45cc4942feaee699ccd2ad421f7e4a8b69
e117519c37cdc87cdba16b48751246d55d422b79e368c6a546f493fee3d7df82
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
e91fde7db8e3812710dc53a9112678498279bbe017ae00b73f057e73e90189c3
ebbdc09f56e8b9cba9117f0d84b4903fdc89508496a9b5d5b8d6bf59ff13ebbf
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee8f7905092bf6469b0c386a948e74e4d3e3c71e4742d6d841295312766d4afe
efc6361ebe5a559578c83bf197d5407b7f6bf44f74d35c4ee8eb22c810fb34a7
f33585b10bb5487bd6c92f53018de62cb147ab48b829334b7f97437015aae557
f34544ddb27241b3eccb8e06d7447230005e8718b463a30d9dd83d1e8bada1a1
f5dc80ad8c001e3bdcb2a2e838bf6aa70eecfdb69ebb07b6b4f3b49ffc41156f
f641cc76ff21da5e099fdc63dcba705db3e2db2786649d01ce1a81e81f780cce
f8845dfbc0e20f22fc59d875d267c2d1bdb41b59c7e0f04807ea7ca4c44f7880
fcc03db6521f41a4f4907bcbd066d04ac91ad8d2c057b77bb3fd88641ccd6897
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcead9ad6bdb0547253732ff49bfebe4439e39f9eab3e0ffe5c0fc251afc2779
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.bleepingcomputer.com Open in urlscan Pro 104.20.60.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

94 %HTTPS

42 %IPv6

35 Domains

55 Subdomains

49 IPs

6 Countries

2662 kBTransfer

9122 kBSize

11 Cookies

9 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

94 %
HTTPS

42 %
IPv6

35
Domains

55
Subdomains

49
IPs

6
Countries

2662 kB
Transfer

9122 kB
Size

11
Cookies

150 HTTP transactions
-4 data transactions