urlscan.io logo urlscan.io
SecurityTrails logo

pagesix.com Open in urlscan Pro
192.0.79.33  Public Scan

Go To Rescan Add Verdict Report
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Submission: On May 15 via manual from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 10 countries across 74 domains to perform 388 HTTP transactions. The main IP is 192.0.79.33, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is pagesix.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 27th 2020. Valid for: 3 months.
This is the only time pagesix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 192.0.79.33 2635 (AUTOMATTIC)
7 2606:2800:233... 15133 (EDGECAST)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 52.222.176.82 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
22 192.0.77.32 2635 (AUTOMATTIC)
11 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 192.0.78.18 2635 (AUTOMATTIC)
6 54.230.183.14 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
6 23.210.250.44 16625 (AKAMAI-AS)
1 52.216.165.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.183.59 16509 (AMAZON-02)
19 52.222.190.75 16509 (AMAZON-02)
9 192.0.72.24 2635 (AUTOMATTIC)
5 52.222.191.194 16509 (AMAZON-02)
1 151.101.114.217 54113 (FASTLY)
1 35.227.208.151 15169 (GOOGLE)
1 34.242.103.69 16509 (AMAZON-02)
1 34.107.156.205 15169 (GOOGLE)
1 2600:9000:209... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 93.184.220.66 15133 (EDGECAST)
4 192.0.76.3 2635 (AUTOMATTIC)
1 172.217.21.226 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.72.240.134 14618 (AMAZON-AES)
1 4 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.249.205.129 16509 (AMAZON-02)
1 2 2600:9000:207... 16509 (AMAZON-02)
16 2.18.70.82 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
10 172.217.22.98 15169 (GOOGLE)
2 70.42.32.95 22075 (AS-OUTBRAIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.84.50.149 16509 (AMAZON-02)
1 99.84.230.44 16509 (AMAZON-02)
1 52.2.255.108 14618 (AMAZON-AES)
2 34.246.123.201 16509 (AMAZON-02)
17 23.210.250.213 16625 (AKAMAI-AS)
1 18.209.235.124 14618 (AMAZON-AES)
1 2 52.95.118.60 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.190.40.172 15169 (GOOGLE)
1 3 34.95.120.147 15169 (GOOGLE)
12 69.173.144.141 26667 (RUBICONPR...)
8 12 2606:2800:233... 15133 (EDGECAST)
1 4 37.252.172.38 29990 (ASN-APPNEX)
1 2.18.68.31 16625 (AKAMAI-AS)
3 23.210.249.164 16625 (AKAMAI-AS)
1 178.250.0.165 44788 (ASN-CRITE...)
3 151.101.114.2 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.222.191.67 16509 (AMAZON-02)
5 54.230.183.83 16509 (AMAZON-02)
3 54.230.183.26 16509 (AMAZON-02)
2 54.230.183.57 16509 (AMAZON-02)
19 151.101.14.133 54113 (FASTLY)
1 2 107.178.250.234 15169 (GOOGLE)
1 52.222.182.38 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.222.178.51 16509 (AMAZON-02)
1 4 2600:9000:201... 16509 (AMAZON-02)
1 35.186.249.72 15169 (GOOGLE)
1 3 2.16.31.65 16625 (AKAMAI-AS)
2 54.174.232.189 14618 (AMAZON-AES)
1 91.228.74.232 27281 (QUANTCAST)
1 23.45.237.36 20940 (AKAMAI-ASN1)
2 63.32.141.117 16509 (AMAZON-02)
1 35.241.8.149 15169 (GOOGLE)
2 3.85.246.13 14618 (AMAZON-AES)
1 37.252.167.201 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
4 50.31.142.63 22075 (AS-OUTBRAIN)
1 52.222.182.66 16509 (AMAZON-02)
3 54.230.183.127 16509 (AMAZON-02)
1 52.222.190.25 16509 (AMAZON-02)
2 54.230.183.102 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.88.164.102 14618 (AMAZON-AES)
2 54.209.139.223 14618 (AMAZON-AES)
1 151.101.114.133 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 54.88.21.30 14618 (AMAZON-AES)
1 9 91.228.74.148 27281 (QUANTCAST)
1 52.213.155.56 16509 (AMAZON-02)
1 35.201.76.231 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2600:9000:207... 16509 (AMAZON-02)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 23.210.249.83 16625 (AKAMAI-AS)
1 23.37.42.132 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
2 35.156.98.228 16509 (AMAZON-02)
1 54.208.248.37 14618 (AMAZON-AES)
9 35.155.25.126 16509 (AMAZON-02)
1 52.222.182.25 16509 (AMAZON-02)
2 52.222.182.80 16509 (AMAZON-02)
2 3.230.92.60 14618 (AMAZON-AES)
1 35.227.229.34 15169 (GOOGLE)
1 2 147.75.102.200 54825 (PACKET)
2 192.0.72.2 2635 (AUTOMATTIC)
1 195.181.175.46 60068 (CDN77)
388 113
15    192.0.79.33 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
pagesix.com
7    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cookielaw.org
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.222.176.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-176-82.ham50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
22    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
s0.wp.com
11    2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
use.typekit.net
1    2a02:26f0:6c00:284::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    192.0.78.18 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
r-login.wordpress.com
6    54.230.183.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-14.ham50.r.cloudfront.net
us.tags.newscgp.com
cdn.exelator.com
tags.decider.com
tags.knewz.com
1    151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
6    23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    52.216.165.93 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.230.183.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-59.ham50.r.cloudfront.net
native.sharethrough.com
19    52.222.190.75 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-75.ham50.r.cloudfront.net
tagan.adlightning.com
9    192.0.72.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
nyppagesix.files.wordpress.com
5    52.222.191.194 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-194.ham50.r.cloudfront.net
video.unrulymedia.com
1    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    35.227.208.151 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com
aswpsdkus.com
1    34.242.103.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-103-69.eu-west-1.compute.amazonaws.com
segment-data.zqtk.net
1    34.107.156.205 (United States)

ASN15169 (GOOGLE, US)
PTR: 205.156.107.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2600:9000:2093:ac00:e:5a70:ca47:86e1 (United States)

ASN16509 (AMAZON-02, US)
cdn.flipboard.com
13    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
pagead2.googlesyndication.com
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    52.72.240.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-240-134.compute-1.amazonaws.com
www.zergnet.com
4    35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    34.249.205.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-205-129.eu-west-1.compute.amazonaws.com
stats3.unrulymedia.com
2    2600:9000:2070:bc00:14:85db:2b40:93a1 (United States)

ASN16509 (AMAZON-02, US)
fpn.flipboard.com
16    2.18.70.82 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-70-82.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
10    172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.84.50.149 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-149.ham50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    99.84.230.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-230-44.sfo5.r.cloudfront.net
ithinkthereforeiam.net
1    52.2.255.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-255-108.compute-1.amazonaws.com
logx.optimizely.com
2    34.246.123.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-123-201.eu-west-1.compute.amazonaws.com
match.adsrvr.org
17    23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com
1    18.209.235.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-235-124.compute-1.amazonaws.com
zephr.pagesix.com
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2606:4700:10::6816:47ab (United States)

ASN13335 (CLOUDFLARENET, US)
assets.bounceexchange.com
1    35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 172.40.190.35.bc.googleusercontent.com
api.skimlinks.mgr.consensu.org
3    34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
nypost-d.openx.net
eu-u.openx.net
12    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com
4    37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2.18.68.31 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-31.deploy.static.akamaitechnologies.com
prebid.media.net
3    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    2a02:26f0:6c00:28d::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
p.typekit.net
1    52.222.191.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-67.ham50.r.cloudfront.net
cdn.parsely.com
5    54.230.183.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-83.ham50.r.cloudfront.net
img5.zergnet.com
img2.zergnet.com
3    54.230.183.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-26.ham50.r.cloudfront.net
img1.zergnet.com
2    54.230.183.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-57.ham50.r.cloudfront.net
img4.zergnet.com
cdn.pprl.io
19    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
2    107.178.250.234 (United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    52.222.182.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-38.ham50.r.cloudfront.net
static.clicktripz.com
2    2a02:26f0:6c00::210:baf1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
b-code.liadm.com
1    52.222.178.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-178-51.ham50.r.cloudfront.net
z-na.associates-amazon.com
4    2600:9000:2016:2e00:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.keywee.co
1    35.186.249.72 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
3    2.16.31.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    54.174.232.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-232-189.compute-1.amazonaws.com
srv-2020-05-15-05.pixel.parsely.com
1    91.228.74.232 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
1    23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    63.32.141.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-141-117.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    35.241.8.149 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 149.8.241.35.bc.googleusercontent.com
idsync.rlcdn.com
2    3.85.246.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-246-13.compute-1.amazonaws.com
us.pixel.newscgp.com
1    37.252.167.201 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 32.ratbait.prod.ams1.adnexus.net
rb.adnxs.com
1    2a00:1450:4001:81a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
log.ncaudienceexchange.com
4    50.31.142.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
mcdp-chidc2.outbrain.com
1    52.222.182.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-66.ham50.r.cloudfront.net
www.ncaudienceexchange.com
3    54.230.183.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-127.ham50.r.cloudfront.net
tags.realtor.com
tags.marketwatch.com
tags.wsj.com
1    52.222.190.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-25.ham50.r.cloudfront.net
tags.barrons.com
2    54.230.183.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-102.ham50.r.cloudfront.net
tags.mansionglobal.com
tags.nypost.com
1    2600:1f18:730:b150:668b:98d8:e278:ef3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.88.164.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-164-102.compute-1.amazonaws.com
rp4.liadm.com
2    54.209.139.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-139-223.compute-1.amazonaws.com
www.i.matheranalytics.com
1    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
consumer.krxd.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com
19    2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    54.88.21.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-21-30.compute-1.amazonaws.com
pixel.keywee.co
9    91.228.74.148 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
1    52.213.155.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-155-56.eu-west-1.compute.amazonaws.com
geo.moatads.com
1    35.201.76.231 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com
fubotv.pxf.io
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2070:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:fa8:8806:12::1400 (Sweden)

ASN41041 (VCLK-EU-, SE)
aol-match.dotomi.com
2    35.156.98.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    54.208.248.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-248-37.compute-1.amazonaws.com
i.liadm.com
9    35.155.25.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-25-126.us-west-2.compute.amazonaws.com
www.clicktripz.com
1    52.222.182.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-25.ham50.r.cloudfront.net
us.audience.newscgp.com
2    52.222.182.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-80.ham50.r.cloudfront.net
sn1.clicktripz.com
2    3.230.92.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-92-60.compute-1.amazonaws.com
tag.pprl.io
1    35.227.229.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 34.229.227.35.bc.googleusercontent.com
api.bounceexchange.com
2    147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET, US)
mydmp.exelator.com
2    192.0.72.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
thenypost.files.wordpress.com
1    195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-46.datapacket.com
load77.exelator.com
Apex Domain
Subdomains		 Transfer
26 wp.com
s0.wp.com
stats.wp.com
pixel.wp.com
317 KB
22 googlesyndication.com
66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
29 KB
22 krxd.net
cdn.krxd.net
beacon.krxd.net
consumer.krxd.net
116 KB
19 adlightning.com
tagan.adlightning.com
491 KB
18 moatads.com
z.moatads.com
geo.moatads.com
857 KB
18 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
576 KB
16 pagesix.com
pagesix.com
zephr.pagesix.com
78 KB
14 advertising.com
adserver-us.adtech.advertising.com
pixel.advertising.com
7 KB
13 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
21 KB
13 outbrain.com
widgets.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
103 KB
12 clicktripz.com
static.clicktripz.com
www.clicktripz.com
sn1.clicktripz.com
231 KB
12 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
103 KB
12 wordpress.com
r-login.wordpress.com
nyppagesix.files.wordpress.com
thenypost.files.wordpress.com
214 KB
12 typekit.net
use.typekit.net
p.typekit.net
363 KB
11 zergnet.com
www.zergnet.com
img5.zergnet.com
img2.zergnet.com
img1.zergnet.com
img4.zergnet.com
122 KB
10 quantserve.com
secure.quantserve.com
pixel.quantserve.com
12 KB
10 googletagservices.com
www.googletagservices.com
264 KB
10 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
24 KB
10 google.com
ampcid.google.com
www.google.com
adservice.google.com
2 KB
8 unrulymedia.com
video.unrulymedia.com
stats3.unrulymedia.com
25 KB
7 cookielaw.org
cdn.cookielaw.org
113 KB
6 adnxs.com
ib.adnxs.com
rb.adnxs.com
acdn.adnxs.com
4 KB
6 newscgp.com
us.tags.newscgp.com
us.pixel.newscgp.com
us.audience.newscgp.com
169 KB
5 keywee.co
cdn.keywee.co
pixel.keywee.co
32 KB
5 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
i.liadm.com
14 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
30 KB
4 exelator.com
cdn.exelator.com
mydmp.exelator.com
load77.exelator.com
8 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
39 KB
4 bounceexchange.com
tag.bounceexchange.com
assets.bounceexchange.com
api.bounceexchange.com
95 KB
4 google.de
ampcid.google.de
www.google.de
adservice.google.de
2 KB
4 google-analytics.com
www.google-analytics.com
19 KB
3 facebook.com
www.facebook.com
512 B
3 facebook.net
connect.facebook.net
171 KB
3 pprl.io
cdn.pprl.io
tag.pprl.io
21 KB
3 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 parsely.com
cdn.parsely.com
srv-2020-05-15-05.pixel.parsely.com
21 KB
3 casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
1 KB
3 openx.net
nypost-d.openx.net
eu-u.openx.net
818 B
3 flipboard.com
cdn.flipboard.com
fpn.flipboard.com
5 KB
2 criteo.net
static.criteo.net
41 KB
2 ncaudienceexchange.com
log.ncaudienceexchange.com
www.ncaudienceexchange.com
221 B
2 adsrvr.org
match.adsrvr.org
805 B
2 twitter.com
platform.twitter.com
29 KB
2 googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
120 KB
2 optimizely.com
cdn.optimizely.com
logx.optimizely.com
87 KB
2 onetrust.com
geolocation.onetrust.com
807 B
1 dotomi.com
aol-match.dotomi.com
104 B
1 quantcount.com
rules.quantcount.com
quantcount.com Failed
3 KB
1 pxf.io
fubotv.pxf.io
469 B
1 knewz.com
tags.knewz.com
1 decider.com
tags.decider.com
1 nypost.com
tags.nypost.com
1 wsj.com
tags.wsj.com
1 marketwatch.com
tags.marketwatch.com
1 mansionglobal.com
tags.mansionglobal.com
1 barrons.com
tags.barrons.com
1 realtor.com
tags.realtor.com
1 bluekai.com
tags.bluekai.com
749 B
1 impactradius-event.com
d.impactradius-event.com
7 KB
1 associates-amazon.com
z-na.associates-amazon.com
355 B
1 criteo.com
bidder.criteo.com
141 B
1 media.net
prebid.media.net
282 B
1 consensu.org
api.skimlinks.mgr.consensu.org
631 B
1 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com
59 B
1 ithinkthereforeiam.net
ithinkthereforeiam.net
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 googletagmanager.com
www.googletagmanager.com
27 KB
1 googleadservices.com
www.googleadservices.com
11 KB
1 zqtk.net
segment-data.zqtk.net
447 B
1 aswpsdkus.com
aswpsdkus.com
25 KB
1 speedcurve.com
cdn.speedcurve.com
499 B
1 sharethrough.com
native.sharethrough.com
120 KB
1 amazonaws.com
s3.amazonaws.com
3 KB
0 rkdms.com Failed
mid.rkdms.com Failed
388 74
Domain Requested by
22 s0.wp.com pagesix.com
19 tpc.googlesyndication.com tagan.adlightning.com
19 cdn.krxd.net pagesix.com
cdn.krxd.net
tagan.adlightning.com
19 tagan.adlightning.com pagesix.com
tagan.adlightning.com
17 z.moatads.com s0.wp.com
tagan.adlightning.com
15 images.outbrainimg.com pagesix.com
15 pagesix.com pagesix.com
tagan.adlightning.com
12 adserver-us.adtech.advertising.com 8 redirects pagesix.com
12 fastlane.rubiconproject.com us.tags.newscgp.com
11 use.typekit.net pagesix.com
use.typekit.net
10 securepubads.g.doubleclick.net tagan.adlightning.com
securepubads.g.doubleclick.net
pagesix.com
10 www.googletagservices.com pagesix.com
tagan.adlightning.com
securepubads.g.doubleclick.net
9 www.clicktripz.com static.clicktripz.com
sn1.clicktripz.com
tagan.adlightning.com
pagesix.com
9 pixel.quantserve.com 1 redirects tagan.adlightning.com
9 nyppagesix.files.wordpress.com pagesix.com
8 www.google.com 1 redirects pagesix.com
tagan.adlightning.com
7 cdn.cookielaw.org pagesix.com
cdn.cookielaw.org
6 widgets.outbrain.com pagesix.com
tagan.adlightning.com
widgets.outbrain.com
5 video.unrulymedia.com pagesix.com
video.unrulymedia.com
ajax.googleapis.com
tagan.adlightning.com
4 mcdp-chidc2.outbrain.com widgets.outbrain.com
4 cdn.keywee.co 1 redirects pagesix.com
tagan.adlightning.com
cdn.keywee.co
4 ib.adnxs.com 1 redirects us.tags.newscgp.com
pagesix.com
4 r.skimresources.com 1 redirects pagesix.com
s.skimresources.com
4 www.google-analytics.com 1 redirects pagesix.com
www.google-analytics.com
3 www.facebook.com pagesix.com
connect.facebook.net
3 connect.facebook.net cdn.keywee.co
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects pagesix.com
www.googletagmanager.com
3 img1.zergnet.com pagesix.com
3 img5.zergnet.com pagesix.com
3 pixel.wp.com pagesix.com
3 stats3.unrulymedia.com pagesix.com
3 t.skimresources.com pagesix.com
s.skimresources.com
3 us.tags.newscgp.com pagesix.com
tagan.adlightning.com
3 c.amazon-adsystem.com pagesix.com
c.amazon-adsystem.com
2 thenypost.files.wordpress.com
2 mydmp.exelator.com 1 redirects
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 tag.pprl.io cdn.pprl.io
pagesix.com
2 sn1.clicktripz.com tagan.adlightning.com
2 pixel.advertising.com pagesix.com
2 eu-u.openx.net 1 redirects us.tags.newscgp.com
2 static.criteo.net us.tags.newscgp.com
static.criteo.net
2 www.i.matheranalytics.com pagesix.com
2 us.pixel.newscgp.com pagesix.com
2 beacon.krxd.net pagesix.com
cdn.krxd.net
2 srv-2020-05-15-05.pixel.parsely.com tagan.adlightning.com
pagesix.com
2 b-code.liadm.com www.googletagmanager.com
tagan.adlightning.com
2 js.matheranalytics.com 1 redirects pagesix.com
2 img2.zergnet.com pagesix.com
2 odb.outbrain.com tagan.adlightning.com
2 as-sec.casalemedia.com us.tags.newscgp.com
2 assets.bounceexchange.com tagan.adlightning.com
2 aax-eu.amazon-adsystem.com 1 redirects tagan.adlightning.com
2 match.adsrvr.org us.tags.newscgp.com
pagesix.com
2 log.outbrainimg.com widgets.outbrain.com
2 fpn.flipboard.com 1 redirects pagesix.com
2 p.skimresources.com pagesix.com
2 www.zergnet.com pagesix.com
tagan.adlightning.com
2 www.google.de pagesix.com
2 platform.twitter.com pagesix.com
tagan.adlightning.com
2 geolocation.onetrust.com cdn.cookielaw.org
1 load77.exelator.com
1 api.bounceexchange.com tagan.adlightning.com
1 us.audience.newscgp.com us.tags.newscgp.com
1 i.liadm.com tagan.adlightning.com
1 aol-match.dotomi.com pagesix.com
1 eus.rubiconproject.com us.tags.newscgp.com
1 acdn.adnxs.com us.tags.newscgp.com
1 rules.quantcount.com secure.quantserve.com
1 fubotv.pxf.io d.impactradius-event.com
1 geo.moatads.com z.moatads.com
1 pixel.keywee.co pagesix.com
1 66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com tagan.adlightning.com
1 consumer.krxd.net cdn.krxd.net
1 mv.outbrain.com tagan.adlightning.com
1 rp4.liadm.com pagesix.com
1 rp.liadm.com 1 redirects
1 tags.knewz.com tagan.adlightning.com
1 tags.decider.com tagan.adlightning.com
1 tags.nypost.com tagan.adlightning.com
1 tags.wsj.com tagan.adlightning.com
1 tags.marketwatch.com tagan.adlightning.com
1 tags.mansionglobal.com tagan.adlightning.com
1 tags.barrons.com tagan.adlightning.com
1 tags.realtor.com tagan.adlightning.com
1 www.ncaudienceexchange.com tagan.adlightning.com
1 log.ncaudienceexchange.com us.tags.newscgp.com
1 rb.adnxs.com us.tags.newscgp.com
1 idsync.rlcdn.com pagesix.com
1 tags.bluekai.com pagesix.com
1 secure.quantserve.com us.tags.newscgp.com
1 cdn.pprl.io us.tags.newscgp.com
1 d.impactradius-event.com pagesix.com
1 cdn.exelator.com tagan.adlightning.com
1 z-na.associates-amazon.com www.googletagmanager.com
1 ssum-sec.casalemedia.com www.googletagmanager.com
1 static.clicktripz.com pagesix.com
1 img4.zergnet.com pagesix.com
1 cdn.parsely.com tagan.adlightning.com
1 p.typekit.net pagesix.com
1 bidder.criteo.com us.tags.newscgp.com
1 prebid.media.net us.tags.newscgp.com
1 nypost-d.openx.net us.tags.newscgp.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 zephr.pagesix.com s0.wp.com
1 googleads.g.doubleclick.net tagan.adlightning.com
1 logx.optimizely.com cdn.optimizely.com
1 ithinkthereforeiam.net pagesix.com
1 d1z2jf7jlzjs58.cloudfront.net tagan.adlightning.com
1 www.googletagmanager.com pagesix.com
1 adservice.google.com tagan.adlightning.com
1 adservice.google.de tagan.adlightning.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 ajax.googleapis.com video.unrulymedia.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com pagesix.com
1 stats.wp.com pagesix.com
1 cdn.flipboard.com pagesix.com
1 tag.bounceexchange.com pagesix.com
1 segment-data.zqtk.net pagesix.com
1 aswpsdkus.com pagesix.com
1 cdn.speedcurve.com pagesix.com
1 native.sharethrough.com pagesix.com
1 imasdk.googleapis.com pagesix.com
1 s3.amazonaws.com pagesix.com
1 s.skimresources.com pagesix.com
1 r-login.wordpress.com pagesix.com
1 cdn.optimizely.com pagesix.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
0 quantcount.com Failed secure.quantserve.com
0 mid.rkdms.com Failed us.tags.newscgp.com
0 api.rlcdn.com Failed us.tags.newscgp.com
388 133
Subject Issuer Validity Valid
pagesix.com
Let's Encrypt Authority X3		 2020-04-27 -
2020-07-26		 3 months crt.sh
sni9451gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2021-05-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2018-03-12 -
2020-06-14		 2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.wordpress.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-06 -
2020-09-05		 2 years crt.sh
us.tags.newscgp.com
Amazon		 2020-04-03 -
2021-05-03		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2018-09-13 -
2020-10-07		 2 years crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.sharethrough.com
Amazon		 2019-10-07 -
2020-11-07		 a year crt.sh
*.adlightning.com
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-01-14		 2 years crt.sh
*.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2017-08-30 -
2020-11-27		 3 years crt.sh
a3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-04 -
2021-05-05		 a year crt.sh
aswpsdkus.com
DigiCert SHA2 Secure Server CA		 2020-02-03 -
2022-02-07		 2 years crt.sh
*.zqtk.net
COMODO RSA Domain Validation Secure Server CA		 2018-08-09 -
2020-08-24		 2 years crt.sh
tag.bounceexchange.com
Let's Encrypt Authority X3		 2020-05-10 -
2020-08-08		 3 months crt.sh
*.flipboard.com
DigiCert SHA2 High Assurance Server CA		 2019-11-02 -
2021-11-15		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
www.zergnet.com
Go Daddy Secure Certificate Authority - G2		 2019-05-24 -
2021-07-13		 2 years crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1		 2020-03-26 -
2021-06-25		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
ithinkthereforeiam.net
Amazon		 2020-04-16 -
2021-05-16		 a year crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-10-01 -
2020-10-05		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
*.pagesix.com
Amazon		 2019-06-21 -
2020-07-21		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2019-09-18 -
2020-08-26		 a year crt.sh
bounceexchange.com
CloudFlare Inc ECC CA-2		 2020-04-30 -
2020-10-09		 5 months crt.sh
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA		 2019-10-04 -
2021-10-07		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-05-26		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-03-30 -
2020-06-28		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-22 -
2021-04-23		 a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.parsely.com
Amazon		 2019-08-30 -
2020-09-30		 a year crt.sh
*.zergnet.com
Amazon		 2020-04-26 -
2021-05-26		 a year crt.sh
cdn.krxd.net
DigiCert SHA2 Secure Server CA		 2020-03-05 -
2021-03-06		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-04 -
2021-04-03		 2 years crt.sh
*.clicktripz.com
Amazon		 2020-02-13 -
2021-03-13		 a year crt.sh
b-code.liadm.com
DigiCert SHA2 Secure Server CA		 2019-05-17 -
2020-08-15		 a year crt.sh
z-na.associates-amazon.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
cdn.exelator.com
Amazon		 2020-02-10 -
2021-03-10		 a year crt.sh
*.keywee.co
COMODO RSA Domain Validation Secure Server CA		 2017-07-31 -
2020-08-06		 3 years crt.sh
*.impactradius-event.com
COMODO RSA Domain Validation Secure Server CA		 2019-01-08 -
2021-01-20		 2 years crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
*.pixel.parsely.com
Let's Encrypt Authority X3		 2020-04-01 -
2020-06-30		 3 months crt.sh
*.pprl.io
Amazon		 2019-08-02 -
2020-09-02		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-04-14 -
2021-04-10		 a year crt.sh
beacon.krxd.net
DigiCert SHA2 Secure Server CA		 2020-01-30 -
2021-01-30		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
us.pixel.newscgp.com
Amazon		 2019-08-07 -
2020-09-07		 a year crt.sh
log.ncaudienceexchange.com
GTS CA 1D2		 2020-04-05 -
2020-07-04		 3 months crt.sh
ncaudienceexchange.com
Amazon		 2019-10-14 -
2020-11-14		 a year crt.sh
tags.knewz.com
Amazon		 2020-02-09 -
2021-03-09		 a year crt.sh
*.liadm.com
Amazon		 2020-01-17 -
2021-02-17		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA		 2020-03-26 -
2021-03-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.moatads.com
DigiCert SHA2 Secure Server CA		 2019-03-12 -
2021-06-10		 2 years crt.sh
*.pxf.io
Sectigo RSA Domain Validation Secure Server CA		 2019-07-24 -
2021-07-23		 2 years crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-03-30 -
2020-06-28		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
www.clicktripz.com
Let's Encrypt Authority X3		 2020-04-27 -
2020-07-26		 3 months crt.sh
us.audience.newscgp.com
Amazon		 2019-07-24 -
2020-08-24		 a year crt.sh
api.bounceexchange.com
GTS CA 1D2		 2020-05-03 -
2020-08-01		 3 months crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3		 2020-03-31 -
2020-06-29		 3 months crt.sh

This page contains 43 frames:

Primary Page: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Frame ID: 05C0DBDE4C8A0646C26618F4AC323C1D
Requests: 261 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4787535666169376
Frame ID: 59F561868DB1163AB62D147CEF14F868
Requests: 1 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1653-0-g38b0fdf.js
Frame ID: 622C1B02C5D62C2A2F9C8A5469E147A2
Requests: 6 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: D72B6199DD3C88315B1C31B0CFB00FAE
Requests: 1 HTTP requests in this frame

Frame: https://ithinkthereforeiam.net/f/3eJyrVspUslJQMjQxNFTSUVAqB3EKEtNTizMr9JLzc0FiJSCxNKVaAOmzCxY===/1411.html
Frame ID: 5CA0CA3C839D2EFDC6195E366AC404A8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fpagesix.com
Frame ID: D014407F917C29B1BFE0BC25778FCE1E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift&dcc=t
Frame ID: A227572EEFDB7CEA67F75D1D540B5DA0
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame15.min.html
Frame ID: 0CC2E6E511732BC6B7E14807F679C039
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F8DD23090CCBA262103AC04D4645A76A
Requests: 1 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1653-0-g38b0fdf&siteId=622642
Frame ID: D8416F81AAAEABC4D336CA6C748C9052
Requests: 1 HTTP requests in this frame

Frame: https://us.tags.newscgp.com/prod/ncg/cookie.html
Frame ID: 0F89361AAD54FAAF165A4E5B2780A1E2
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 371BB68D4BC0FD0EA54BEACFD8C1AB49
Requests: 1 HTTP requests in this frame

Frame: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Frame ID: 04E0CAFD9A3DB3D6A5BEE0E614E6A352
Requests: 1 HTTP requests in this frame

Frame: https://tags.realtor.com/prod/ncg/cookie.html
Frame ID: 891CD84C5FDF24D1BCC4EB946CEDB5D5
Requests: 1 HTTP requests in this frame

Frame: https://tags.barrons.com/prod/ncg/cookie.html
Frame ID: 80D862430646857D0AEE3F7564176910
Requests: 1 HTTP requests in this frame

Frame: https://tags.mansionglobal.com/prod/ncg/cookie.html
Frame ID: 656EEEF438DF6495F710CCAE6FF0E983
Requests: 1 HTTP requests in this frame

Frame: https://tags.marketwatch.com/prod/ncg/cookie.html
Frame ID: FD484B0653553DD3248062430C4F6178
Requests: 1 HTTP requests in this frame

Frame: https://tags.wsj.com/prod/ncg/cookie.html
Frame ID: 640ECA03B2C06D7DB0E0EFFEF2B68988
Requests: 1 HTTP requests in this frame

Frame: https://tags.nypost.com/prod/ncg/cookie.html
Frame ID: 11BC42248CC94BFB06B4667AA1762A30
Requests: 1 HTTP requests in this frame

Frame: https://tags.decider.com/prod/ncg/cookie.html
Frame ID: 5D3CFD88FAFC559CB4948F54B5CAA46A
Requests: 1 HTTP requests in this frame

Frame: https://tags.knewz.com/prod/ncg/cookie.html
Frame ID: AE3B12EF9F7D0074064D5E8A72391B00
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 55933119080BB4DB9C372D47F55E28C5
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: 9F2AD32BB483CB48F31DC3018C69A5BB
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: BC0BCFC8D551F49F82CEE113778CDD02
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: D8626B2AB6DFAEA59CB2C949E71C9DC9
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: 6117C93EF782BE028C4BE67499B1CD90
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: 16E77BD25006084D3BD59E4DE6453A09
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: 703315CE6FFC905F57241BBFA15E9B58
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: A87859C4BC989D836915B07FFDE06689
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Frame ID: 8277CEC12BB2C9B110240F2FC84114F5
Requests: 13 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: C51FA8D75E31852B53A122EFDBC9692C
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: BA14621B642AE6BE9ABEBC5BB12C46AC
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: 97AC0C8C6318577954EE75A8B3ED5C6F
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: C36FD8C85D0BD979792201ED77803B0F
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: 1B0091E1BEAFFC166AC74EE997D67556
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: 2BD87F7CCA4F216B5DDEC175A83FDB21
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: DE888F477A85E446F5BEB7A9113009CD
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/serviceworker/index.html
Frame ID: C14E3A989C1B743F8318D55D0ABC65AA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 55C7B54D3EDA7960D4ABD887013395D1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
Frame ID: 84EF8520E37E2E675642D5CE39A0DC2A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: F16D2ABF43D3C9266BCA5BC32958CB20
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 8A3CC8C00A942E050607C41666459B7C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 699B58B82168CC48AFDDCDA8990879E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

388
Requests

99 %
HTTPS

27 %
IPv6

74
Domains

133
Subdomains

113
IPs

10
Countries

5171 kB
Transfer

13945 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=547361830&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&ul=en-us&de=UTF-8&dt=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Performance%20Metrics&ea=First%20Contentful%20Paint&el=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&ev=742&_u=KGBACEABBAQC~&jid=1662582988&gjid=2063381158&cid=80458405.1589521608&tid=UA-3922003-6&_gid=915832077.1589521608&_r=1&z=208153713 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_gid=915832077.1589521608&gjid=2063381158&_v=j82&z=208153713 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713&slf_rd=1&random=359942384
Request Chain 84
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01E8BDXW6EQ51TGAKSJBYMX6R2&persistence=1&checksum=523b5943b4652dfb53b595984aa394b6ca5446c667d607d1035f2ada30bf0650
Request Chain 91
  • https://fpn.flipboard.com/pix/__fpn.gif?utm_source=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F HTTP 307
  • https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttps%25253A%25252F%25252Fpagesix.com%25252F2020%25252F05%25252F14%25252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%25252F&rh=https%253A%252F%252Fpagesix.com%252F2020%252F05%252F14%252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%252F
Request Chain 124
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift&dcc=t
Request Chain 132
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1--- HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;apid=1A78c7a046-966f-11ea-9f37-12244f280cb6;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---
Request Chain 133
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1--- HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;apid=1A78edc168-966f-11ea-8b8f-1256e9c0edc4;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---
Request Chain 134
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1--- HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;apid=1A78c73c5a-966f-11ea-8110-1215cb940d7a;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---
Request Chain 135
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1--- HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;apid=1A78c7445c-966f-11ea-888b-1283af18fee8;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---
Request Chain 170
  • https://js.matheranalytics.com/s/ma50638/961919700/ml.js?cb=1533 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma50638/961919700/4/ml.br.js
Request Chain 176
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.0.min.js
Request Chain 178
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&c9=
Request Chain 188
  • https://ib.adnxs.com/mapuid?member=7239&user=3f485834-c1d1-4c4e-897d-e51afe743113 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D7239%26user%3D3f485834-c1d1-4c4e-897d-e51afe743113
Request Chain 219
  • https://rp.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&duid=aa5d4a657ed8--01e8bdxxjjg16k5t50pactcbb7&se=e30&dtstmp=1589521610469 HTTP 302
  • https://rp4.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&duid=aa5d4a657ed8--01e8bdxxjjg16k5t50pactcbb7&se=e30&dtstmp=1589521610469&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Request Chain 368
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1--- HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
Request Chain 371
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7TW6nuozu5_1MunK4WD1nuBnu8L1Yb3C7WIHS3E8
Request Chain 398
  • https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-OnetrustActiveGroups=%2C%2C&0-gtm.uniqueEventId=0&1-event=OptanonLoaded&1-OptanonActiveGroups=%2C%2C&1-gtm.uniqueEventId=1&2-pagename=%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&2-page_type=article&2-byline=Emily%20Smith&2-tags=donald%20trump%2Chackers%2Clawyers&2-section=page-six&2-article_title=Law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&2-publish_date=2020%2F05%2F14&2-date=2020-05-14T20%3A43%3A09-04%3A00&2-publish_time=20%3A43%3A09&2-article_update_date_time=2020-05-14T22%3A22%3A52-04%3A00&2-post_id=5254311&2-primary_tag=hackers&2-word_count=731&2-article_type=column&2-stat_tag=enable&3-event=OneTrustLoaded&3-OnetrustActiveGroups=%2CC0012%2CC0013%2CC0017%2C&3-gtm.uniqueEventId=2&4-event=OptanonLoaded&4-OptanonActiveGroups=%2CC0012%2CC0013%2CC0017%2C&4-gtm.uniqueEventId=3&5-gtm.start=1589521609233&5-event=gtm.js&5-gtm.uniqueEventId=4&6-event=gtm.dom&6-gtm.uniqueEventId=6&push=function()%7Bvar%20d%3Bif(0%3Cld.SANDBOXED_JS_SEMAPHORE)%7Bd%3D%5B%5D%3Bfor(var%20e%3D0%3Be%3Carguments.length%3Be%2B%2B)d%5Be%5D%3Dnew%20Qj(arguments%5Be%5D)%7Delse%20d%3D%5B%5D.slice.call(arguments%2C0)%3Bvar%20f%3Dc.apply(a%2Cd)%3BRj.push.apply(Rj%2Cd)%3Bif(300%3C%0Athis.length)for(J(%22GTM%22%2C4)%3B300%3Cthis.length%3B)this.shift()%3Bvar%20h%3D%22boolean%22!%3D%3Dtypeof%20f%7C%7Cf%3Breturn%20Xj()%26%26h%7D&isTrusted=true HTTP 302
  • https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-OnetrustActiveGroups=%2C%2C&0-gtm.uniqueEventId=0&1-event=OptanonLoaded&1-OptanonActiveGroups=%2C%2C&1-gtm.uniqueEventId=1&2-pagename=%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&2-page_type=article&2-byline=Emily%20Smith&2-tags=donald%20trump%2Chackers%2Clawyers&2-section=page-six&2-article_title=Law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&2-publish_date=2020%2F05%2F14&2-date=2020-05-14T20%3A43%3A09-04%3A00&2-publish_time=20%3A43%3A09&2-article_update_date_time=2020-05-14T22%3A22%3A52-04%3A00&2-post_id=5254311&2-primary_tag=hackers&2-word_count=731&2-article_type=column&2-stat_tag=enable&3-event=OneTrustLoaded&3-OnetrustActiveGroups=%2CC0012%2CC0013%2CC0017%2C&3-gtm.uniqueEventId=2&4-event=OptanonLoaded&4-OptanonActiveGroups=%2CC0012%2CC0013%2CC0017%2C&4-gtm.uniqueEventId=3&5-gtm.start=1589521609233&5-event=gtm.js&5-gtm.uniqueEventId=4&6-event=gtm.dom&6-gtm.uniqueEventId=6&push=function()%7Bvar%20d%3Bif(0%3Cld.SANDBOXED_JS_SEMAPHORE)%7Bd%3D%5B%5D%3Bfor(var%20e%3D0%3Be%3Carguments.length%3Be%2B%2B)d%5Be%5D%3Dnew%20Qj(arguments%5Be%5D)%7Delse%20d%3D%5B%5D.slice.call(arguments%2C0)%3Bvar%20f%3Dc.apply(a%2Cd)%3BRj.push.apply(Rj%2Cd)%3Bif(300%3C%0Athis.length)for(J(%22GTM%22%2C4)%3B300%3Cthis.length%3B)this.shift()%3Bvar%20h%3D%22boolean%22!%3D%3Dtypeof%20f%7C%7Cf%3Breturn%20Xj()%26%26h%7D&isTrusted=true&xl8blockcheck=1

388 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/ 		219 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c81a65e7c233d7f9a97b4928801bd8bb3db044ec02e2e95b1219da54cfe74704
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.nypost.com *.decider.com *.pagesix.com http://www.stumbleupon.com https://www.stumbleupon.com
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pagesix.com
:scheme
https
:path
/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 15 May 2020 05:46:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Cookie
last-modified
Fri, 15 May 2020 05:42:47 GMT
cache-control
max-age=60, must-revalidate
x-nananana
Batcache
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-content-type-options
nosniff
x-xss-protection
1; mode=block
link
<https://wp.me/p3Q98K-m2SX>; rel=shortlink
content-security-policy
frame-ancestors *.nypost.com *.decider.com *.pagesix.com http://www.stumbleupon.com https://www.stumbleupon.com
content-encoding
gzip
x-ac
4.ams _dfw
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE8) /
Resource Hash
8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:47 GMT
content-encoding
gzip
content-md5
MLCyYvLxOnp9pmGzmbla0g==
age
5312
x-cache
HIT
status
200
content-length
3742
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 17:15:09 GMT
server
ECAcc (frc/8FE8)
etag
0x8D7F2AA325E9C9C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6e9dffc1-c01e-000f-356f-2a3510000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:47 GMT
9810c803-87b3-4d47-bcc8-307209971fb7.json
cdn.cookielaw.org/consent/9810c803-87b3-4d47-bcc8-307209971fb7/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/9810c803-87b3-4d47-bcc8-307209971fb7/9810c803-87b3-4d47-bcc8-307209971fb7.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F29) /
Resource Hash
291a22604b10b26a12670ed8944ed0a475aebcfab4b87640a9c2678a70a684d6

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:47 GMT
content-encoding
gzip
content-md5
ahm4VPU0/sW/SJejg92mXQ==
age
6758
x-cache
HIT
status
200
content-length
2161
x-ms-lease-status
unlocked
last-modified
Fri, 24 Jan 2020 23:42:00 GMT
server
ECAcc (frc/8F29)
etag
0x8D7A1270204C798
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dd82ae73-f01e-0007-156c-2a2e63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:47 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3028
date
Fri, 15 May 2020 04:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 15 May 2020 06:56:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		101 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.176.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-176-82.ham50.r.cloudfront.net
Software
Server /
Resource Hash
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:38:16 GMT
content-encoding
gzip
server
Server
age
511
etag
06fa05e9082ab6150f8e415571b3ff6a
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
B1a5XlRaDpkBKrNE2Xl8oZSPZq5ws8rpR_3d_lcdjq8ckTPWwkrH7Q==
via
1.1 e783bb6c29f662cfdd94e8ac169d6a36.cloudfront.net (CloudFront)
publisher:getClientId
ampcid.google.com/v1/ 		74 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 May 2020 05:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pagesix.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/ 		326 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F13) /
Resource Hash
3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:47 GMT
content-encoding
gzip
content-md5
q5TV2UTKwEiG982GRjoWWw==
age
7144
x-cache
HIT
status
200
content-length
80194
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 01:57:56 GMT
server
ECAcc (frc/8F13)
etag
0x8D79AF0AC276557
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c4b408f9-c01e-00ae-296b-2afb8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:47 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pagesix.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		199 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5111a610ebc840dffe29c47d81d30a31f70ddf7d862e194658c1a1847b6cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
593a8f8228fbdfeb-FRA
cf-request-id
02b878055a0000dfeb432bd200000001
pagesix.css
s0.wp.com/wp-content/themes/vip/nypost-2016/static/css/ 		633 KB
108 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/css/pagesix.css?ver=d933fa06de96b52a0283
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bf53bbbf913c52a215c78b84f05c0ed5f3bb2e89ef7e06d4c8c2d6746de25aea

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5e94a959-9e26a"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 14 May 2021 14:45:12 GMT
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2C) /
Resource Hash
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
content-md5
mHlk9fiiqYjvq2V+HtACPg==
age
7147
x-cache
HIT
status
200
content-length
5609
x-ms-lease-status
unlocked
last-modified
Thu, 16 Apr 2020 21:14:53 GMT
server
ECAcc (frc/8F2C)
etag
0x8D7E24B34C5F89B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7a079731-401e-0138-696b-2adfea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
expires
Fri, 15 May 2020 09:46:48 GMT
uel0ekt.js
use.typekit.net/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/uel0ekt.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
b8d298fefa44c5df8dc4393e75dfb77fcc5353058d98a25ec962fd4bc0732a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Fri, 15 May 2020 05:46:48 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7738
2289930227.js
cdn.optimizely.com/js/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/2289930227.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:284::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a6a159d0b96f83b9195ee0c180028046b180d048cee4a30619d488df8cb166b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
.KZLMKAyCrg.nG_Vcm7ZvfwcR9R3RE3U
content-encoding
gzip
etag
"373ae0d574e801d77b8024520745bbfa"
x-amz-request-id
10E90471A97211ED
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:284::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
87370
x-amz-id-2
0ks3n5Z1nGPoaLzRibjKmepSV+/JaHdNHDZdulFhZDapuGKRyJ0KLzmRsOdMzVHUyJp72dt5mSM=
last-modified
Thu, 23 Jan 2020 17:29:15 GMT
server
AmazonS3
date
Fri, 15 May 2020 05:46:48 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=300
x-amz-meta-revision
2065
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
remote-login.php
r-login.wordpress.com/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r-login.wordpress.com/remote-login.php?action=js&host=pagesix.com&id=56757202&t=1589521367&back=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
content-length
0
vary
Cookie
content-type
text/javascript
/
s0.wp.com/_static/ 		98 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??-eJx9kF1OxDAMhC9E1kIL1fKAOEuamtTg/Ch2VXp73C0CLaC8JB5rvowdWKsLJStmhbS4ykukLLDWUJKTRIzbL3UKInfWcpQDLxMKWAMmEoWRS3h3TGPzbQPRjfGUKH8T/wSF0tD6qXrdHQkn8siYzNbDVpoi6hF91E7xo49clxjH2lDE2ZloSU5ny5IeF7E428srlXwj3Ct7aj20of1ItDJeB/2RPagW0eNpkNm3Hf66e5SUQJ5ttlhuxR/o2BjmB4hcRs+74SU93z9ens7DcDkPb5+Wb8f2?cssminify=yes
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bcd59b0a6e0b66cc74c40c5cceb90d86b939e051f98b16d9f68906b355491eb1

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 10:47:29 GMT
server
nginx
etag
W/"5ebbd041-1896a"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Thu, 13 May 2021 10:48:40 GMT
jquery.js
s0.wp.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-includes/js/jquery/jquery.js?m=1558356653h&ver=1.12.4-wp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5ce2a2b4-17a69"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Tue, 19 May 2020 12:51:07 GMT
jquery-migrate.min.js
s0.wp.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-includes/js/jquery/jquery-migrate.min.js?m=1466523978h&ver=1.4.1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"586742ff-2748"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:35:50 GMT
postmessage.js
s0.wp.com/wp-content/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/postmessage.js?m=1366211380h&ver=5.4.1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8de21e093d76131bac32bc6919fece4c9a2e3b31bc1def2c8c0f38ba7bf61065

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"57391258-4c9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 30 Apr 2021 13:00:21 GMT
mobile-useragent-info.js
s0.wp.com/wp-content/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/mobile-useragent-info.js?m=1368567117h&ver=5.4.1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
448edd17d85b0f45d04d16bdd64bcab8ffc962e1dd2183f0e817f2ec42eef4be

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5c32dc59-4802"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 30 Apr 2021 13:00:20 GMT
pb.js
us.tags.newscgp.com/prod/prebid/nyp/ 		646 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3970aab49c74ed2fb5352c84556a6165defc2a84a63b8a73306e50ca751866e0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 04:50:11 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 14 May 2020 16:59:27 GMT
Server
AmazonS3
Age
3398
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
RCeQZi1xIZ3lj9rcCMKyTOaLpRutvyXvklJbIuY7-RIuxU4P4IOfIQ==
93051X1547100.skimlinks.js
s.skimresources.com/js/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45030f99806ac885ab8756f55735acd0f479ee65c1aa210c4ceda892c91f716c

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 14:13:13 GMT
server
AmazonS3
x-amz-request-id
BE129C8078798D7D
etag
"c5ddc3239baeda04a31a0d6def22641d"
x-hw
1589521608.cds017.pa1.hn,1589521608.cds020.pa1.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
21660
x-amz-id-2
2KLLXFuGCqFyWgIzYgmtHzp44UF37eMQIht/VL7d7Z4frTvxg1X4OeeQO17IFTCx3UfKgCUCsYM=
global.bundle.js
s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/global.bundle.js?m=1589466143h&ver=d933fa06de96b52a0283
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
785f3ef00be32c3b3188de1f0a3e3dc3b14d6bbf88ba20097cadaf7898cda4ad

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5ebd5940-13bb3"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 14 May 2021 14:44:34 GMT
pagesix.bundle.js
s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/ 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/pagesix.bundle.js?m=1589466143h&ver=d933fa06de96b52a0283
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3e5d06096b4612a3cb702db467ff419c701dc056ccd8a387e10b50c43b63220f

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5ebd5940-1f95b"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 14 May 2021 14:45:10 GMT
outbrain.js
widgets.outbrain.com/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c76f21a6832b16e5f44c38c837beaf51cc05ba7dfa2ba9d35212b4cfbb4b8311

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
edge-cache-tag
widget-cheetah
status
200
content-length
46098
last-modified
Thu, 14 May 2020 14:29:01 GMT
etag
W/"21fcf-eLNUebyZaShW6jm+wCYgV6XtsOk"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
timing-allow-origin
*
akamai-age-ms
1589505965087
expires
Fri, 15 May 2020 09:46:48 GMT
668b356cfb437d97529b93beadcab6da39d6fc6e-v3.js
s3.amazonaws.com/maropost/uploads/755/websites/60/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/maropost/uploads/755/websites/60/668b356cfb437d97529b93beadcab6da39d6fc6e-v3.js?ver=1.0.0
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.165.93 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
909b1219d6b903a465954b46cf6a3776c787e693e15c8923bc3c07ff8f1c1a7f

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:49 GMT
Last-Modified
Thu, 17 Aug 2017 09:19:39 GMT
Server
AmazonS3
x-amz-request-id
B7D6332AE22D07EB
ETag
"c4a5284f528b1ad7c16847ac55f41fc5"
Content-Type
Accept-Ranges
bytes
Content-Length
2308
x-amz-id-2
067Z/2ZDl8qiUABtWixk1OheflG9yu/v3/uJHunf2RyyN0hfCt5igf26Jjl8O/ZsfJOjZkL/W2c=
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		264 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21eecef24071930fe32a70e72af2a611f8fe2f97ab49b997eb720ead5ed7bbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91718
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:48 GMT
sfp.js
native.sharethrough.com/assets/ 		422 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-59.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73531244dfaaf087694392ec070a281073c940e972e7fa5fd32b31474c464eea

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:09:36 GMT
content-encoding
gzip
age
2233
x-cache
Hit from cloudfront
status
200
x-amz-request-id
9E6EFBDED2D293ED
x-amz-id-2
wBx+9Nf4jb09zOCrlid4/2ackzu1kyoNQIHSS/5vpO877O+o0f70qYNBvZ3U6Lp94WZvcS5pqFI=
last-modified
Thu, 14 May 2020 21:09:29 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
GHAOCuV9PC5j_oEEWeEqfsQ7t-1ra_eGcpZ0wGKeVaqIj-REZ5Zdrw==
expires
Thu, 14 May 2020 22:09:28 GMT
op.js
tagan.adlightning.com/nc-nypost/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/op.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaeba89832a1bc5010ba4ac8545b0fb25f7155c70de41f7636e9cf1c32d83f1a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
vuvrcBD7DRoUCMPp2ft5XgKA8ElQYTHm
content-encoding
gzip
etag
"c5a1e1a861ff77db89f2737c09a1410d"
age
673
x-cache
Hit from cloudfront
status
200
content-length
12157
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 13 May 2020 15:56:51 GMT
server
AmazonS3
date
Fri, 15 May 2020 05:35:36 GMT
content-type
application/javascript
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
DvwPP1pqzs_S-6wxPEaeAACUXjvxFojET0JUeyYBnKIeh0tjvou3ig==
hackers-donald-trump.jpg
nyppagesix.files.wordpress.com/2020/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2020/05/hackers-donald-trump.jpg?quality=90&strip=all&w=618&h=410&crop=1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
428eed2d035e4ed74a1c37e95c7055ac05e7b2e2fac779d08860b9b4e2a3d849

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Fri, 15 May 2020 00:36:25 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
38488
expires
Sun, 07 Jun 2020 11:58:51 GMT
native-loader.js
video.unrulymedia.com/native/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.194 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-194.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1857417dd8069bdb809a63088d95bf7a2e6e3358ec6dadfad7bcdfaa011a9cdb

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:40:31 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Fri, 14 May 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 14 May 2020 16:18:49 GMT
server
AmazonS3
age
378
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
AzIkm5UZ9ZOwvmArXegkS5YeglSBB5kNMFathOxlnBpxkldSewlyeg==
via
1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55547.cloudfront.net (CloudFront)
lux.js
cdn.speedcurve.com/js/ 		252 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=263325431
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
c03eb721eafef22314905d83ff28cd71aca06ad39bc27e7341f538643af41365
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
age
34876
x-cache
HIT
status
200
content-length
182
x-served-by
cache-hhn4026-HHN
access-control-allow-origin
*
last-modified
Thu, 14 May 2020 20:05:32 GMT
server
Apache
x-timer
S1589521608.389261,VS0,VE0
date
Fri, 15 May 2020 05:46:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 21 May 2020 20:05:32 GMT
cache-control
max-age=604800
x-ua-compatible
IE=edge
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
170
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		197 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743ea2048b4da842bd6fe6626a5513bbc0629af7ef8347b63f02b429cec06ba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
593a8f83fd1cdfeb-FRA
cf-request-id
02b87806780000dfeb432cf200000001
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.176.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-176-82.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 00:15:13 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
19896
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 09 Apr 2020 23:46:54 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8425e6875af3862b0f8a816b9812f408.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
ccPNF9NMKNTadQwQ2yX65SQmWuM1AHtcOnA0_dVNYEvShXgDIm6LKg==
en.json
cdn.cookielaw.org/consent/9810c803-87b3-4d47-bcc8-307209971fb7/ef918e97-58e1-45b2-b687-a32a8297cfb1/ 		23 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/9810c803-87b3-4d47-bcc8-307209971fb7/ef918e97-58e1-45b2-b687-a32a8297cfb1/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD5) /
Resource Hash
2c51436bc3b172d5e952adaa84eadd928fc90de0a7444d758ed11d85e20cd4fc

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
content-md5
DKB/oh0XbxxXradNTwxQTg==
age
6701
x-cache
HIT
status
200
content-length
6587
x-ms-lease-status
unlocked
last-modified
Fri, 24 Jan 2020 23:42:02 GMT
server
ECAcc (frc/8FD5)
etag
0x8D7A12702E5DBC0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cb674b1a-301e-00d6-176c-2a933c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:48 GMT
ua-sdk.min.js
aswpsdkus.com/notify/v1/ 		114 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.151 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6643e620d05195621f624a26a3fa707d29ba32f660d93a5faa9316c81601e0d9

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:43:05 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1588691027
age
223
x-guploader-uploadid
AAANsUn8-rKya6edMcvFLWv5F4RwPOEShnefOm3J4GBGOoRWPqlTJA0iQYnAAkRdLF1MwdRCoe9Ci87zhnPt_fwE0iNoKCACAA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24747
last-modified
Tue, 05 May 2020 15:03:49 GMT
server
UploadServer
etag
"cd7fd4b60de5c9f6afc0818f8102343c"
vary
Accept-Encoding
x-goog-hash
crc32c=Cyz1YA==, md5=zX/Utg3lyfavwIGPgQI0PA==
x-goog-generation
1588691029288135
cache-control
public, max-age=300
x-goog-stored-content-length
24747
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 15 May 2020 05:48:05 GMT
newscorpjs-1f38g3
segment-data.zqtk.net/ 		176 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/newscorpjs-1f38g3?url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.103.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-103-69.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a56dd58d49ba48da9a4f8a199b9408db62edd26f9686869075d68a42296eb539

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:48 GMT
Expires
Sun, 17 May 2020 00:43:37 GMT
Last-Modified
Fri, 15 May 2020 00:43:37 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
176
Content-Type
application/javascript; charset=UTF-8
wp-emoji-release.min.js
s0.wp.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1582709031h&ver=5.4.1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5e563936-364d"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 30 Apr 2021 13:00:18 GMT
i.js
tag.bounceexchange.com/2130/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2130/i.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.156.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
205.156.107.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
09fe5c64711e319e9afeb75935195f6b98e9d2420a4b59305f5277722973baca

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:08 GMT
content-encoding
gzip
server
fasthttp
age
40
etag
0c9ca90de96f54
content-type
text/plain; charset=utf-8
status
200
cache-control
public, max-age=60
x-region
us-east4
alt-svc
clear
content-length
5070
via
1.1 google
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2093:ac00:e:5a70:ca47:86e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 23:31:39 GMT
content-encoding
gzip
last-modified
Wed, 11 Oct 2017 00:24:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:alee/gid:20/mode:33188/mtime:1507680760/atime:1507680783/md5:ec6e4306e5e274d25c4f9afde663da81/ctime:1507680760
age
22509
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
N-D8uN7n0UienQgGUn9jOzSSsdx5g56bXzi1tI_TLcHErW8Qd12ymQ==
via
1.1 e783bb6c29f662cfdd94e8ac169d6a36.cloudfront.net (CloudFront)
1x1-000000-0.png
s0.wp.com/wp-content/themes/vip/nypost-2016/static/images/ 		68 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/images/1x1-000000-0.png
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
x-ac
3.ams _dfw
last-modified
Thu, 11 Apr 2019 19:39:29 GMT
server
nginx
etag
"5caf97f1-44"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
expires
Sat, 10 Apr 2021 19:39:44 GMT
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343280
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
yfifspWjJQ-k6GuDGGpH0EcZwbPYD1gUPsZImPeaX8uQTxz9qhqqfw==
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136173
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
H0y6gXM8mabhisrLfNB-rxBfk5OI4W9oWUDoE9T_1qzlhm3CfwsXXg==
gpt.js
www.googletagservices.com/tag/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"516 / 802 of 1000 / last-modified: 1589472768"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14447
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:48 GMT
nypost-svg.svg
pagesix.com/wp-content/themes/vip/nypost-2016/static/images/ 		32 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/wp-content/themes/vip/nypost-2016/static/images/nypost-svg.svg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0f23e68d600294853f20f49f867d60cbe3258f2fc8a0ffa9c36dd1fc3a32adee

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
last-modified
Tue, 05 Feb 2019 20:21:10 GMT
server
nginx
status
200
etag
W/"5c59f036-8080"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.ams _dfw
expires
Sat, 15 May 2021 05:46:48 GMT
truncated
/ 		840 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bff41083bbc6e80116d25ea27234d5ccf4b7d6b6f1d121bf29dcdb949a7fa95d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b6734d324bce4596f3a5f2c1b941f4a0021fde1d6a1d121e9d9c6897992cc2e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"b5fef031a96fc670f9c3b1b64dd52243a29d7531"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34344
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"e7811049bfa1845589c42f0b31c9740a16cee93a"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
43068
otFlat.json
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/ 		15 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F95) /
Resource Hash
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
content-md5
vs/gsO9tV0OXmh/ItWBsNA==
age
7144
x-cache
HIT
status
200
content-length
2826
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 01:57:45 GMT
server
ECAcc (frc/8F95)
etag
0x8D79AF0A5AEE8BA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1a0092d4-601e-0002-6a6b-2ada1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:48 GMT
otPcPopup.json
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/ 		68 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/otPcPopup.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD7) /
Resource Hash
e891f7c4f6d8bed7e8accd954579e237bce77dee93a2b8ec6179a1709dcc9f9b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
content-md5
jRtnVDHx2as2i5IDGALjIw==
age
7096
x-cache
HIT
status
200
content-length
12691
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 01:57:46 GMT
server
ECAcc (frc/8FD7)
etag
0x8D79AF0A6308D2E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d1faae6f-801e-0161-656b-2ada6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 May 2020 09:46:48 GMT
p6podcast402x.png
nyppagesix.files.wordpress.com/2019/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/p6podcast402x.png
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9d5f5ab50c7cbdf6e488e184b9ca3d3c1471c50ef6fc4198ae3d7929e3b2e5a7

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Mon, 16 Sep 2019 14:35:43 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
2443
expires
Tue, 02 Jun 2020 03:49:06 GMT
we_hear_sidebarimage_520x280_v2.jpg
nyppagesix.files.wordpress.com/2019/09/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/we_hear_sidebarimage_520x280_v2.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
63dba5053ef06ad972a8c072344945d749622d58f9e212fdb9d5afad8f35130d

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Mon, 16 Sep 2019 14:35:41 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
110777
expires
Sat, 23 May 2020 11:14:28 GMT
spotify-podcast-badge-wht-grn-330x80402x.png
nyppagesix.files.wordpress.com/2019/09/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/spotify-podcast-badge-wht-grn-330x80402x.png?w=205&h=50
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8827d61817b0bad460b975ce6799a2b17da3097aee4b8d1633d223fb26948ab3

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Thu, 05 Sep 2019 21:38:47 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
5620
expires
Fri, 05 Jun 2020 03:58:31 GMT
apple-podcast-badge402x.png
nyppagesix.files.wordpress.com/2019/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/apple-podcast-badge402x.png?w=190&h=46
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5189e14e19906306cbe17692c2c77f9cad749043714f4d5eb95f3b236a6ab16e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Thu, 05 Sep 2019 21:38:43 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
7398
expires
Sat, 06 Jun 2020 04:14:31 GMT
stitcher-button402x-1.png
nyppagesix.files.wordpress.com/2019/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/stitcher-button402x-1.png?w=165&h=49
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a41285bc84ab29cfe6df95a09dbcf68614b662fd67dcef9ead8de6604e61cd1b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Thu, 05 Sep 2019 21:38:49 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
5725
expires
Mon, 01 Jun 2020 13:48:45 GMT
google_podcasts_badge402x-1-1.png
nyppagesix.files.wordpress.com/2019/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2019/09/google_podcasts_badge402x-1-1.png?w=190&h=48
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e5cb806d10205c48076caedd39c5b28b4da9c3aa0316933fc672b2f8e98c6843

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Wed, 11 Sep 2019 16:10:45 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
7024
expires
Thu, 18 Jun 2020 11:49:02 GMT
vip-powered-dark-small.png
s0.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/vip-powered-dark-small.png
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
x-ac
3.ams _dfw
last-modified
Sat, 31 Dec 2016 05:38:25 GMT
server
nginx
etag
"58674451-13b2"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5042
expires
Wed, 03 Feb 2021 04:37:42 GMT
show-ads.js
s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/ 		24 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/show-ads.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cdac293f3cc0409daf0c6ace00f5fac40baf0749dc37f3c8b6f25eb6631be979

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5a6b8ad8-18"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:37:48 GMT
loading.gif
s0.wp.com/wp-content/mu-plugins/post-flair/sharing/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.wp.com/wp-content/mu-plugins/post-flair/sharing/images/loading.gif
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
x-ac
3.ams _dfw
last-modified
Mon, 16 May 2016 00:20:34 GMT
server
nginx
etag
"57391252-9e2"
content-type
image/gif
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2530
expires
Wed, 03 Feb 2021 04:33:35 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js?ver=20111117
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8F) /
Resource Hash
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 May 2020 17:25:55 GMT
Server
ECS (amb/6B8F)
Age
387
Etag
"580310dcde7e145486d79be6e5257680+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29223
pending.js
s0.wp.com/wp-content/mu-plugins/twitter-blackbird-pie/ 		883 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/twitter-blackbird-pie/pending.js?m=1408998121h&ver=20130322
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c53d6dc81211bf7c4cb78004c5fb4c6d266ede9f72cb899d4c940c2cb89138ab

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"57391252-569"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:34:34 GMT
neverending.js
s0.wp.com/wp-content/mu-plugins/twitter-blackbird-pie/ 		153 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/twitter-blackbird-pie/neverending.js?m=1349449263h&ver=20121005
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3c18a16be79b6c4db237b4377ef214b4e36e813b58e60774823bf2b0a4e91e48

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"58674606-99"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:34:35 GMT
app.bundle.min.js
s0.wp.com/wp-content/themes/vip/nypost-2016/plugins/zephr/build/ 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/plugins/zephr/build/app.bundle.min.js?m=1588797460h&ver=d933fa06de96b52a0283
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e223c1d0ff5997fdfa3281f501659eba00d0395638fcc855d255f797bcfce4b4

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5eb335bc-278c6"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 14 May 2021 14:44:22 GMT
vip-analytics.js
s0.wp.com/wp-content/mu-plugins/2-vip/js/ 		996 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/2-vip/js/vip-analytics.js?m=1411795912h&ver=20140927b
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b677e0fdcbd860cbebc8c37551e05f834c48da20d953fba50345fad6427a8627

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5739124f-506"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:35:50 GMT
masterbar.js
s0.wp.com/wp-content/mu-plugins/admin-bar/masterbar-overrides/ 		1 KB
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/admin-bar/masterbar-overrides/masterbar.js?m=1489004139h&ver=20150909
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8f3e7e5925dc42da4621ce42327d0571887edf39a82e794b709eab7dd57fbeb0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"58c066c8-728"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:35:50 GMT
masterbar-tracks.js
s0.wp.com/wp-content/mu-plugins/admin-bar/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/admin-bar/masterbar-tracks.js?m=1520516873h&ver=20171026
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4a70a6e4f5b7d2e76b3a5174528403bfde046edd0acb1186b9d8760ea221875e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5aa13f15-166a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Wed, 03 Feb 2021 04:35:50 GMT
sharing.js
s0.wp.com/wp-content/mu-plugins/post-flair/sharing/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/post-flair/sharing/sharing.js?m=1564557884h&ver=wpcom
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
98b36dd59d75325c3b27bd16d542933c7388c6bc21ddd66369de3f22a1344310

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5d414279-3c90"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Thu, 30 Jul 2020 07:25:53 GMT
w.js
stats.wp.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js?61
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
nginx
etag
W/"5e6029bb-4e62"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Thu, 04 Mar 2021 22:24:11 GMT
conversion.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
98272ae0cb3a95da5d3fc90a6772e95af0c014ee707e431b9542e3eb7410afc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10796
x-xss-protection
0
server
cafe
etag
16444458054189666048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 May 2020 05:46:48 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		120 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3105&u=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&pid=CGJa2KQluA3Di&cb=0&ws=1600x1200&v=7.50.00&t=1500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x251%22%2C%221x1%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Frec_atf%2Fstories%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22978x250%22%2C%221x1%22%2C%221x11%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Fbillb_atf%2Fstories%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x252%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Frec_btf%2Fstories%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%221x7%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Finline%2Fstories%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%221x12%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Fcustom%2Fstories%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%221x2%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Fskin%2Fstories%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x255%22%2C%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Frec_widget%2Fstories%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%221x4%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Foverlay_fullpage%2Fstories%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%221x6%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpagesix.desktop%2Fnative%2Fstories%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.176.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-176-82.ham50.r.cloudfront.net
Software
Server /
Resource Hash
984ca2adeff93742479d5031967913c2e8657f7a4976053535611c608cdb5e15

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
HAM50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
127
via
1.1 e783bb6c29f662cfdd94e8ac169d6a36.cloudfront.net (CloudFront)
x-amz-cf-id
WIiiaDcoECuvxVqTdkz9u-gZwpfJKmR_czsdhXGkHA1tOi8q-0uiRw==
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a7be1fb83be077fd5b4bb33d222776309092759f73e93a2fa579399ae631809

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98cc794498727ceaad5c218a9405ec4245a5fa94cff76f769b9018442223b64d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		147 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4114727dde2b921cfbfc577cef45ab356d55765c1d8330e4f9fed328421ff868

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		610 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a2a2904fa4a2f46288e110ff0ea44d46cc72243d61e0e6e3619b066d4440d25

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/648f69/000000000000000000010098/27/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/648f69/000000000000000000010098/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i8&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d48b7457ceb7ec7f26f1f04927ef6efc28f192d1111313a8bf88d0f921a7030e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"6dc35ff8dcf5ecdf38b561dad1531ea42a33c874"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
41108
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=547361830&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_gid=915832077.1589521608&gjid=2063381158&_v=j82&z=208153713
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713&slf_rd=1&random=359942384
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713&slf_rd=1&random=359942384
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3922003-6&cid=80458405.1589521608&jid=1662582988&_v=j82&z=208153713&slf_rd=1&random=359942384
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce0cc1453e5d5a423a6e0ce7210c950573b3a8dec7acf15a22202e33ca401348

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"79fea02668402fc378c129193093131a2db2577c"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33568
l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"79b73a8b60023503d1f34e07b81f37976902b3f9"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
25780
truncated
/ 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f65e29b8d04a48f628644fbbcc890b1d3e478006b646f92bfb386a2b8b2f0c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		635 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0df403297be900bbc142d19564a6e7d994e98bba1e2721b6d8ee99b2260f5a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24444
emily-smith-01.png
nyppagesix.files.wordpress.com/2013/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2013/08/emily-smith-01.png?w=76&h=69&crop=1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c18a9e0d59a2c6f104523b34aaab6c6ef362a0351b3b9fa500b04a40dda4e1d4

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:48 GMT
last-modified
Tue, 25 Feb 2014 18:05:52 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
4971
expires
Mon, 18 May 2020 02:08:06 GMT
zerg.js
www.zergnet.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=33407
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.240.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-240-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d6409005ead5f0503a8ea631b0d1810d79660ee28937169bb707bd1a4e898cb9

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=UTF-8
expires
Fri, 22 May 2020 05:46:48 GMT
l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
server
nginx
etag
"dd5b169fb4bedb60e8626027fdc93f0b1be2f4fb"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
47172
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01E8BDXW6EQ51TGAKSJBYMX6R2&persistence=1&checksum=523b5943b4652dfb53b595984aa394b6ca5446c667d607d1035f2ada30bf0650
174 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01E8BDXW6EQ51TGAKSJBYMX6R2&persistence=1&checksum=523b5943b4652dfb53b595984aa394b6ca5446c667d607d1035f2ada30bf0650
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
45a67c7ea4320802d7cab80c8df12000bd5ad362ead9aea844c441f2f3862fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Fri, 15 May 2020 05:46:48 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
https://r.skimresources.com/api/?xguid=01E8BDXW6EQ51TGAKSJBYMX6R2&persistence=1&checksum=523b5943b4652dfb53b595984aa394b6ca5446c667d607d1035f2ada30bf0650
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame 59F5 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4787535666169376
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
206
date
Fri, 15 May 2020 05:46:48 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=0.8947787765282453
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=0.8947787765282453
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
et_v1.0.1653-0-g38b0fdf.js
video.unrulymedia.com/native/ Frame 622C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1653-0-g38b0fdf.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.194 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-194.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c5ffce3c629e745b11f0ac6649cf2dfc24c1720f1a51fd8ba1ca73d356070e1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Tue, 05 May 2020 14:32:45 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
832443
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://pagesix.com
x-amz-expiration
expiry-date="Wed, 05 May 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 05 May 2020 14:01:22 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
YigZAk4kNa6rVFgW1u-uD_94IbQ50TpB1TbsTH3f-Od27sof-8yZSQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 622C 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Tue, 05 May 2020 21:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
806614
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 May 2021 21:43:14 GMT
blank.gif
stats3.unrulymedia.com/ 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=622642&id=921269371&d=1589521608865&in_iframe=false&h=v1.0.1653-0-g38b0fdf&compat=CSS1Compat&pageLoadId=887726976&supplyMode=direct&unr.site.env=html&ts=2020-05-15T05%253A46%253A48.865-%252B02%253A00
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.249.205.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-205-129.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-075.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
__fpn.gif
fpn.flipboard.com/tr/
Redirect Chain
  • https://fpn.flipboard.com/pix/__fpn.gif?utm_source=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F
  • https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttps%25253A%25252F%25252Fpagesix.com%25252F2020%25252F05%25252F14%25252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2525...
35 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttps%25253A%25252F%25252Fpagesix.com%25252F2020%25252F05%25252F14%25252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%25252F&rh=https%253A%252F%252Fpagesix.com%252F2020%252F05%252F14%252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%252F
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:bc00:14:85db:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 23:50:40 GMT
via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2017 18:19:12 GMT
server
AmazonS3
age
21370
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
35
x-amz-cf-id
mdiSXS3OCEtswJR5RUfgn1ahTohg6xtjKk4SUocCl-m0z58La4rQwQ==

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:48 GMT
via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HAM50-C3
status
307
x-cache
LambdaGeneratedResponse from cloudfront
location
/tr/__fpn.gif?qs=utm_source%253Dhttps%25253A%25252F%25252Fpagesix.com%25252F2020%25252F05%25252F14%25252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%25252F&rh=https%253A%252F%252Fpagesix.com%252F2020%252F05%252F14%252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%252F
cache-control
no-cache, no-store, must-revalidate
content-length
0
x-amz-cf-id
ExfF75vrqk8aWNrgCGNXRDIHjfsAX01ho6fV99g5Tq8pz7Z0bxo8vA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D72B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1589467080.438486"
last-modified
Thu, 14 May 2020 14:28:21 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Fri, 15 May 2020 05:46:48 GMT
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1589521608~rv=4~id=c5c5c10b7dc98f69c69f360b05f8e28e; path=/; Expires=Fri, 15 May 2020 05:46:48 GMT; Secure; SameSite=None
cGFnZXNpeC5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cGFnZXNpeC5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=35435
Date
Fri, 15 May 2020 05:46:49 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Fri, 15 May 2020 15:37:24 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pagesix.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pagesix.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020050602.js
securepubads.g.doubleclick.net/gpt/ 		243 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 17:23:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89224
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:49 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1589521609195&sessionId=4a5ed276-cc9f-de8e-f900-b098d6d537ea&url=pagesix.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d6f449e6bab5d2750e9ac3f5bda2de77
Content-Length
4
Expires
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ccca8ed8371b97ddb9683e043b84ade1b99f74144a54bbfdd2f2a4e1f062b3c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		546 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f2a170bedf99374211e6a25439f8f7b7e6367ce16f07f8211f3074897b8fd0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
native_v1.0.1653-0-g38b0fdf.js
video.unrulymedia.com/native/ Frame 622C 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1653-0-g38b0fdf.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.194 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-194.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dca171c0563d880b6fee5bda558808df3d9523fa6c0a6f1f2fb4e518bfc194d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Tue, 05 May 2020 14:32:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
832443
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://pagesix.com
x-amz-expiration
expiry-date="Wed, 05 May 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 05 May 2020 14:01:21 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
t2YuQ8VZ8P2cdFFjh0QxUTBPZeVenkuDWRxiUgIqsickebsVyCtIMQ==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1589521609228&sessionId=4a5ed276-cc9f-de8e-f900-b098d6d537ea&url=pagesix.com&cheqSource=1&cheqEvent=3&responseTime=301
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
750f7bb2df88a5f85dda1db40883ce40
Content-Length
4
Expires
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
781
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Fri, 15 May 2020 06:33:48 GMT
gtm.js
www.googletagmanager.com/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c24ebb7002bc4aec80993d235f628f81fb7fd64602246ce8d67e8b4a286f06d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27609
x-xss-protection
0
last-modified
Fri, 15 May 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 May 2020 05:46:49 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-149.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 02:16:06 GMT
Via
1.1 52c7de80c6ff92b7b540ab39e3ca1184.cloudfront.net (CloudFront)
Age
18850
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
HAM50-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
ogk8ilT5T65sVL_hNOh99eu3d8HrDJ1qcTbApeQRVnWCAmnx00tCAQ==
Expires
Sat, 16 May 2020 00:32:33 GMT
1411.html
ithinkthereforeiam.net/f/3eJyrVspUslJQMjQxNFTSUVAqB3EKEtNTizMr9JLzc0FiJSCxNKVaAOmzCxY===/ Frame 5CA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ithinkthereforeiam.net/f/3eJyrVspUslJQMjQxNFTSUVAqB3EKEtNTizMr9JLzc0FiJSCxNKVaAOmzCxY===/1411.html
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.230.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-230-44.sfo5.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

:method
GET
:authority
ithinkthereforeiam.net
:scheme
https
:path
/f/3eJyrVspUslJQMjQxNFTSUVAqB3EKEtNTizMr9JLzc0FiJSCxNKVaAOmzCxY===/1411.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
content-length
590
server
CloudFront
date
Fri, 15 May 2020 05:46:49 GMT
x-cache
LambdaGeneratedResponse from cloudfront
via
1.1 dbf749b5462dc5b2c9b4f9b080fa86cd.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3
x-amz-cf-id
INLyKDZ-NIUowxgmgUb1OkrCJ4sXO990z02nqJ5S2aqGHxSQ3GzJPA==
grunion.css
s0.wp.com/wp-content/mu-plugins/grunion-contact-form/css/ 		2 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/mu-plugins/grunion-contact-form/css/grunion.css?ver=wpcom
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5eeaf1ee8d663d18e673d37b655cc56ed28cc8e128ad36dcda745d45836748de

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
server
nginx
etag
W/"5ce2ad7b-95a"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Thu, 22 Apr 2021 19:09:05 GMT
events
logx.optimizely.com/v1/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2289930227.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.255.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-255-108.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 15 May 2020 05:46:49 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://pagesix.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
0b1c74eb-62bc-4cca-ba3b-ee58463e0e1f
output.js
www.zergnet.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=33407&time=1589521609255&sc=1&callback=json8081988
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.240.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-240-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5a52e74b5846d73df774c797e2efcbde7d5fb18fe27c9fb8fb0e7576aeaa885

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7372551981642996
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:49 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?blog=56757202&v=wpcom&tz=-4&user_id=0&post=5254311&subd=nyppagesix&host=pagesix.com&ref=&fcp=742&rand=0.014042788073614254
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:49 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1BNmNJfGhxNCVxUDExYmtib2E%2FSzdEJm0lUEtbdFU0fFk4cHZvcUFrZT90Tn4yQm1%2BR3NyNTdhJitIV3pvNTdrYm40UDdDc3FnfklhcWR4amlEaj8vbHRoVTFZUDMsOFZDMl80TEhTJTdKcWtBTVloUktfVjREOWlfPVMlTzNQVFk4QjV6YX5aNzBDQm1xT3M9XWRPclttRDBhVCZ3d1o1USwrSThZT01Taks2V3JlZ016TFY1Z2FGOUZlcTRaWTI9aHNMTGM2TnMwQld5ZnZxVn40Q2hPWk9qZkJ6LXpM&v=wpcom-no-pv&rand=0.28218435826769306
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:49 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/?random=1589521609268&cv=9&fst=1589521609268&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tiba=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&hn=www.googleadservices.com&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc88d9584b5158722eaca03f4dd853340a073adadede8b2529b108ce5337b0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
api.rlcdn.com/api/ 		0
0
idsv2
mid.rkdms.com/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185739
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.123.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-123-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
520b72e7cfded3d2893de46b2dc9fe1e3ee0906f871182b4d93d2d093acf2db3

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pagesix.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 14 Jun 2020 05:46:49 GMT
moatcontent.js
z.moatads.com/nypostcontent5820949302/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nypostcontent5820949302/moatcontent.js
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/js/global.bundle.js?m=1589466143h&ver=d933fa06de96b52a0283
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de07a78069141f1c7c6b93c99b4968bac8f3e755a894b16df849788c9ebf9622

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2017 17:27:13 GMT
server
AmazonS3
x-amz-request-id
3D18152FE8BA5E5F
etag
"f12058bf9e1e592b098634d6f41134d3"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=52889
accept-ranges
bytes
content-length
54867
x-amz-id-2
XQm0aRQkgXGDbWHNHxSdHhw9EiCjX+r7zjDLVLnlOvnNO37fP48l+GKcjblcvTnp2lZeBSj7hNU=
widget_iframe.2a008290075125adde2d7b849b06a0bb.html
platform.twitter.com/widgets/ Frame D014 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fpagesix.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B73) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
40909
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 15 May 2020 05:46:49 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 12 May 2020 17:24:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B73)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
features
zephr.pagesix.com/wp-json/nypost-zephr/v1/ 		833 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.pagesix.com/wp-json/nypost-zephr/v1/features?content_id=5254311&brand=pagesix&env=production
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/wp-content/themes/vip/nypost-2016/plugins/zephr/build/app.bundle.min.js?m=1588797460h&ver=d933fa06de96b52a0283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.235.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-235-124.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
26e24278b0a2a1d7a96bed463adca9e4fc5c807d294d130e434efd7279d56382
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nananana
Batcache
date
Fri, 15 May 2020 05:46:49 GMT
x-ac
4.dca _dca
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-C3
x-cache
Miss from cloudfront
status
200
access-control-allow-headers
Authorization, Content-Type
content-encoding
identity
content-length
833
access-control-allow-origin
https://pagesix.com
allow
GET
last-modified
Fri, 15 May 2020 05:43:23 GMT
server
nginx/1.12.2
x-robots-tag
noindex
vary
Accept-Encoding,Cookie
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=UTF-8
via
1.1 47c0295005ec7d8570406951491004c3.cloudfront.net (CloudFront)
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
true
zephr-request
true
link
<//ny-post.cdn.blaize.io/wp-json/>; rel="https://api.w.org/"
x-amz-cf-id
OVMipPP-uFmsV6eIx5txwgoJTZJqqsIxHZJnhfXJFAEW3JSBQT6zTQ==
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
l
use.typekit.net/af/4c4052/00000000000000003b9b3069/27/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4c4052/00000000000000003b9b3069/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
38abe4268828718148217ea158621cbd491f81a5fa3818f9dd62a18d05b638bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
server
nginx
etag
"9b9703c5b759eb477679eb877a148d00687183e5"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
36116
l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
server
nginx
etag
"d9c559430b0162ff50e16cf6dad5514fa963f9ff"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
35116
l
use.typekit.net/af/0c71d1/000000000000000000010097/27/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0c71d1/000000000000000000010097/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
4ab7357d75156817f5990cb427f9ade60a52b7eab9db7e34c11b4b465f9ef660

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Origin
https://pagesix.com

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
server
nginx
etag
"9a321477e1d5d21d086db71c2cd6b1e9483fc61d"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
40536
nypost-brightcove.css
s0.wp.com/wp-content/themes/vip/nypost-2016/static/css/ 		3 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/vip/nypost-2016/static/css/nypost-brightcove.css?ver=d933fa06de96b52a0283
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ded965a9211a4e3d7551bf6eb237e2c4a42e940d90c713198bebf61863bc2755

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
server
nginx
etag
W/"5ebaab8f-ae4"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 14 May 2021 14:44:24 GMT
/
r.skimresources.com/api/ 		192 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
6f3a98c73f7cf2e3ddf2057979c8f2d6cb9729526500900a4292fbaf5771ffe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame A227
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A0h4cvW7fENyrFip3-5dhcc|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Server
Server
Date
Fri, 15 May 2020 05:46:49 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
193
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A0h4cvW7fENyrFip3-5dhcc; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 05:46:49 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 05:46:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 15 May 2020 05:46:49 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_ppt_oath_3lift&dcc=t
Set-Cookie
ad-id=A0h4cvW7fENyrFip3-5dhcc|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 05:46:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
ijs_all_modules_001b416599e7e98cc05f9bb4738590e0.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		345 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_001b416599e7e98cc05f9bb4738590e0.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ce99fbfcc16eda46b2613ed30f6cc13906d5d13956ca275e28a7d2d0b1630b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
296743
x-guploader-uploadid
AAANsUlNHtWqjm0YBaRre9d5QielBXq90t9zWIKWec7k_QQVcxSqEz0a4p6wpHYFejZRduAkvQef9XU2Av_tBv2ITD0
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
90458
cf-request-id
02b8780b280000bf0f9409c200000001
last-modified
Thu, 07 May 2020 16:57:55 GMT
server
cloudflare
etag
"2d2c03865bcbc522794e22e112161a44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ZpeI8A==, md5=LSwDhlvLxSJ5TiLhEhYaRA==
x-goog-generation
1588870675708025
access-control-allow-origin
*
content-type
text/javascript
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
90458
accept-ranges
bytes
cf-ray
593a8f8b7a96bf0f-FRA
expires
Tue, 11 May 2021 17:14:37 GMT
iab
api.skimlinks.mgr.consensu.org/ 		772 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.skimlinks.mgr.consensu.org/iab?nocache=1589521609563
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.0
access-control-allow-headers
*
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
arj
nypost-d.openx.net/w/1.0/ 		189 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nypost-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=71f7f22c-0cd7-4c54-a89d-fd8aeae06762%2C09178f9a-5db7-4aec-a607-760325aea040%2C0f3071c8-222b-4196-8eaf-5ba8f7402953%2Cd341bcc8-ccf7-42a1-8625-7c81dd34cca9&nocache=1589521609670&us_privacy=1---&aus=970x90%2C970x250%7C300x250%2C300x600%7C300x250%7C300x250&divIds=div-gpt-ad-billb_atf%2Cdiv-gpt-ad-rec_atf%2Cdiv-gpt-ad-rec_widget%2Cdiv-gpt-ad-rec_btf&auid=539030517%2C539030518%2C539030521%2C539030520&
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.186.1 /
Resource Hash
db90249d31d77d19f18c1a0023ee7ebe675cbc1120ff95c079a1f8a065cbba7e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
content-encoding
gzip
server
OXGW/16.186.1
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://pagesix.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=69232&zone_id=330612&size_id=55&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=71f7f22c-0cd7-4c54-a89d-fd8aeae06762&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2889290117389871
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
fe0b51ed42adf66228c4c92c8f1ae8ac7d06b2a36c7d25f08f52553db3e1f43a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=465
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=69232&zone_id=330612&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=09178f9a-5db7-4aec-a607-760325aea040&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1538542298649601
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f3ff3ffbd8bbdf6316cddcd8a0acf648c0d5bf435c6db618e1f092a75bd751df

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=487
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=69232&zone_id=330612&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=0f3071c8-222b-4196-8eaf-5ba8f7402953&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.24973226593980935
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5c9265b2dfef9d2b812c13bb1e15620d5dcb3b583d0c8ef32cf7f769b3efbfe9

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=373
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=69232&zone_id=330612&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=d341bcc8-ccf7-42a1-8625-7c81dd34cca9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.549540936834624
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
30a3c47704d7854642eb3330f36fb5003e5d6e3db0a8e6e72394d7ec4be7eb25

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=388
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;apid=1A78c7a046-966f-11ea-9f37-12244f280cb6;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---
adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;apid=1A78c7a046-966f-11ea-9f37-12244f280cb6;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=15...
944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;apid=1A78c7a046-966f-11ea-9f37-12244f280cb6;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
e7c9a27a147b6e26fde6d05366a6a62001296592e248ed696849cdbcd8f4b96a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4760346/0/0/ADTECH;apid=1A78c7a046-966f-11ea-9f37-12244f280cb6;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5502328762e4386;misc=1589521609678;us_privacy=1---
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A78edc168-966f-11ea-8b8f-1256e9c0edc4;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---
adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;apid=1A78edc168-966f-11ea-8b8f-1256e9c0edc4;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=15...
944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;apid=1A78edc168-966f-11ea-8b8f-1256e9c0edc4;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
924760b0611f5ffa986a6bd780e443bd251b01e1dc85474e906093dde1da69f7

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428376/0/0/ADTECH;apid=1A78edc168-966f-11ea-8b8f-1256e9c0edc4;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=568bddc40a8365b;misc=1589521609678;us_privacy=1---
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A78c73c5a-966f-11ea-8110-1215cb940d7a;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---
adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;apid=1A78c73c5a-966f-11ea-8110-1215cb940d7a;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=15...
945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;apid=1A78c73c5a-966f-11ea-8110-1215cb940d7a;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
7fe8fc0517d1348c7ac342e1243308e872ee150a60a06c8e9e809de55f508be0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428399/0/0/ADTECH;apid=1A78c73c5a-966f-11ea-8110-1215cb940d7a;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=57c3623e951a725;misc=1589521609678;us_privacy=1---
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A78c7445c-966f-11ea-888b-1283af18fee8;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---
adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;apid=1A78c7445c-966f-11ea-888b-1283af18fee8;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=15...
945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;apid=1A78c7445c-966f-11ea-888b-1283af18fee8;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
803516ea9032caa4a1025c81c242c38ad53611a444a4956a9ab5e2213f1647c8

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10427.1/4428433/0/0/ADTECH;apid=1A78c7445c-966f-11ea-888b-1283af18fee8;cfp=1;rndc=1589521609;v=2;cmd=bid;cors=yes;alias=5834cbeef8e8601;misc=1589521609678;us_privacy=1---
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:51 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.197:80
AN-X-Request-Uuid
421d8fcc-9f58-474b-86b9-4a1eb2486b05
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=285550&zone_id=1435060&size_id=55&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=71f7f22c-0cd7-4c54-a89d-fd8aeae06762&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8151313248196883
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
da74f0952360659013a516d31ad10055703eb723cf523a74215269478c5f2b97

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=39
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=285550&zone_id=1435060&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=09178f9a-5db7-4aec-a607-760325aea040&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2764647764298327
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5014ee7fa028685c5f94f0e46fb28618cd0d2511a1c46c584797b9de05a38baf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=428
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=285550&zone_id=1435060&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=0f3071c8-222b-4196-8eaf-5ba8f7402953&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.15627345369254408
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
75e0a476a7d31963e5f5ef16fef90a598663bd3bfb4ed8d967b0f5e17067e2aa

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=350
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=285550&zone_id=1435060&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=d341bcc8-ccf7-42a1-8625-7c81dd34cca9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05332760670213732
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
e64e9f85902dc92f511346aee1958df60afb1036c43d9dbb68a3dd8e2d7f2d2b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=441
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		77 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.68.31 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-31.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
103f6fd015ad3ad3b43f27e90555fdc78b45e629c92e07c18a9fa249e59aeed8

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
server
nginx
status
200
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://pagesix.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
77
expires
Fri, 15 May 2020 05:46:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.204:80
AN-X-Request-Uuid
cd35cc23-a3e6-40a3-b35f-9cb0da34ef8b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		25 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=214430&v=7.2&r=%7B%22id%22%3A%22384483ae99de993%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2239c4bb670726d49%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214430%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224030d52f61db4da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214430%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241da9ccc5de5fc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214431%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22429bd29ce336159%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214431%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224315b0d8a9fd512%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214434%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224442b46599accdc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22214433%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228a2f3ce1-6849-48e9-af7c-5afab048d087%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222020-05-15T05%3A46%3A49%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cde1caa3e68efebefa04c718859e21f1eddf1af83cf85d2dcf91fb70bdf8396b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Fri, 15 May 2020 05:46:49 GMT
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.15.0&cb=64960211697
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 15 May 2020 05:46:49 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://pagesix.com
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=288010&zone_id=1448516&size_id=55&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=71f7f22c-0cd7-4c54-a89d-fd8aeae06762&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8368602384991766
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ace8b501acb8401e63fce2bebd385150c7f6389a4943073437faae749658f719

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=253
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=288010&zone_id=1448516&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=09178f9a-5db7-4aec-a607-760325aea040&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4888013663331059
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
1a38cdf0e2820c6095ac3ced24cf933a4780554a83a8905a0c70e479e4b425a9

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=344
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=288010&zone_id=1448516&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=0f3071c8-222b-4196-8eaf-5ba8f7402953&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.871513301516228
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2d3110aacd3225cfb1e63da2aa29eb1778ad7adc08465055a6e23016460d6d9a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=126
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21496&site_id=288010&zone_id=1448516&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tk_flint=pbjs_lite_v3.15.0&x_source.tid=d341bcc8-ccf7-42a1-8625-7c81dd34cca9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6555500058077102
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
4c268de28a756d5b23c070de5dff67bf030a5b00216b6f8f40d80ca9509f20c3

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:49 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=35
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
get
odb.outbrain.com/utils/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&settings=true&recs=true&widgetJSId=AR_3&key=NANOWDGT01&idx=0&version=1070208&apv=false&sig=CdW8x6Ez&format=html&va=true&et=true&rand=85031&pdobuid=-1&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ref=&px=333&py=3075&vpd=1875
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4d5ff43f505f033f786c7619e3064bc190763a415fee842f47408613b6387f3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
2dcee2361a4817084077d5c017158694
content-length
14728
x-served-by
cache-mdw17336-MDW, cache-hhn4021-HHN
pragma
no-cache
x-timer
S1589521610.043458,VS0,VE203
date
Fri, 15 May 2020 05:46:50 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.36
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=214442&u=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&v=3
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Server
Apache
Content-Type
text/plain
Access-Control-Allow-Origin
https://pagesix.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 15 May 2020 05:46:50 GMT
p.gif
p.typekit.net/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=uel0ekt&ht=tk&h=pagesix.com&f=139.140.175.176.10879.10881.10887.10888.39498.39500&a=738589&js=1.19.2&app=typekit&e=js&_=1589521609746
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:49 GMT
Last-Modified
Wed, 10 Jul 2019 10:41:33 GMT
Server
nginx
ETag
"5d25c0dd-23"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Mon, 07 Oct 2019 04:19:20 GMT
collect
www.google-analytics.com/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=547361830&t=pageview&_s=2&dl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&ul=en-us&de=UTF-8&dt=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAQC~&jid=&gjid=&cid=80458405.1589521608&tid=UA-3922003-6&_gid=915832077.1589521608&cd8=desktop&cd3=donald%20trump%2Chackers%2Clawyers&cd2=Emily%20Smith&cd1=article&cd5=standard&cd6=Law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&cd7=&cd12=LA%20law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&cd9=2020-05-14&cd10=20%3A%2043&cd11=5254311&cd31=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&cd15=hackers&cd16=793&cd17=no&cd4=pagesix&cd40=no&cd44=no&cd21=no&cd46=false&cg1=article&cg2=pagesix&cg3=pagesix.com&z=1566177132
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Apr 2020 22:07:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2446775
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
skin-622642.json
video.unrulymedia.com/native/skins/ Frame 622C 		1 KB
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-622642.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.194 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-194.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60449f24207319c099ea7f9358db2de6c4f66159315f69c5e2e55b9fe353653b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:50:18 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3392
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://pagesix.com
x-amz-expiration
expiry-date="Thu, 13 May 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 13 May 2020 04:41:03 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
via
1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
Xnfj48PfEzLCtnseqflBlmwldLtNDsUwR7jOc0XL2QAmf4ySIPnZ7w==
/
www.google.com/pagead/1p-user-list/988380111/ 		42 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/988380111/?random=1589521609268&cv=9&fst=1589518800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tiba=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&fmt=3&is_vtc=1&random=1350444962&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/988380111/ 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/988380111/?random=1589521609268&cv=9&fst=1589518800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&tiba=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&fmt=3&is_vtc=1&random=1350444962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
cdn.parsely.com/keys/nypost.com/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nypost.com/p.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-67.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
88416ae6ab0b1b800f4434bf36e9901f128160f60c27e1351759774ffa5c604e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Fri, 15 May 2020 02:21:30 GMT
content-encoding
gzip
last-modified
Mon, 08 Jul 2019 23:57:44 GMT
server
nginx
age
12446
etag
"5d23d878-d70b"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400, public
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
IPA03_ik5Rd0al7Kn7F1hTMY-JM0QK3YLIpm0D6WmrbDk5goZHGTEw==
via
1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
expires
Sat, 16 May 2020 02:19:18 GMT
5030874_240.jpg
img5.zergnet.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/5030874_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-83.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e9fefc7cc8b149d621fa1910f34691cf9a290615580d80c25f17cbde878b236

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 19:41:55 GMT
Via
1.1 5b2b264287e9650401ad0bc63aa348e6.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 31 Mar 2020 15:25:29 GMT
Server
AmazonS3
Age
1332298
ETag
"04a85c7fbafc03b7dd75879aaf45f4c1"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
15095
X-Amz-Cf-Id
5EN8ESqp6BEsQIfVZWFyEbPbHNPibWppKqz7G5vZprim-YOZklUG7w==
Expires
Wed, 31 Mar 2021 15:25:28 GMT
5153286_240.jpg
img5.zergnet.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/5153286_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-83.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e6a2affaf03fccbc1ef9cc04c4d6bca37740a73edc1c2cd064728ca5e5f4851

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 03:15:26 GMT
Via
1.1 5b2b264287e9650401ad0bc63aa348e6.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 30 Apr 2020 21:43:29 GMT
Server
AmazonS3
Age
9087
ETag
"00feecff41082d75597ba13a81eed932"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
13440
X-Amz-Cf-Id
nJlfuboqKnik1RVcS03PGISLM6eMvXOSeRQBTjcRJ1mOlz3alBNphA==
Expires
Fri, 30 Apr 2021 21:43:28 GMT
4485945_240.jpg
img2.zergnet.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/4485945_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-83.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4384e9389e9476aec79b3ac4d27f8fb3f9b1f6e35db36773d45f51b313b70d86

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 00:09:51 GMT
Via
1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 17 Sep 2019 19:10:33 GMT
Server
AmazonS3
Age
1229819
ETag
"f96acf2c7587ce348eac3f03cca10bbf"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
11075
X-Amz-Cf-Id
LHSaX029mhL5XhsKeBrX1iXHPxtiVlmKoJ-kdItcSBizrterztwcPg==
Expires
Thu, 17 Sep 2020 19:10:32 GMT
4907769_240.jpg
img2.zergnet.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/4907769_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-83.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
369c93dad61cdd247b015fa1f94b93069ebf48327c1a3272729ec2cbcb31caf0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 08:05:41 GMT
Via
1.1 d653a3b9e8104c26c77d7700ae0a93cf.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 20 Feb 2020 18:20:26 GMT
Server
AmazonS3
Age
1201269
ETag
"6f0beca90d38e1b02c39f8a6f3c3b563"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
10378
X-Amz-Cf-Id
dx4z9bFMgv1_3SmNDDggGvosr7fzzYnxXnMZgwekjJEcSUVUPL388w==
Expires
Sat, 20 Feb 2021 18:20:25 GMT
4494810_240.jpg
img5.zergnet.com/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/4494810_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-83.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb5c5f4f289f17d6841844c9dc38df54a9e7176a1498ad8b8bb028cddb71d7ed

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 16:34:01 GMT
Via
1.1 5b2b264287e9650401ad0bc63aa348e6.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 19 Sep 2019 21:21:31 GMT
Server
AmazonS3
Age
1343571
ETag
"ec4ec43e29e98ace55217fb859f60816"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
11723
X-Amz-Cf-Id
RL9P6Btp4yLOpiSH3EJESAt6DmNlTrxDHzJhCeCzbVTXTcAubuXY7w==
Expires
Sat, 19 Sep 2020 21:21:30 GMT
5211000_240.jpg
img1.zergnet.com/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/5211000_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-26.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05dccf62396bae47af03e900cf6d5065156311d26b7592f9dfdd6caf6421c899

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 01:49:46 GMT
Via
1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 14 May 2020 23:39:27 GMT
Server
AmazonS3
Age
14225
ETag
"2e59880d71f2e0f1f74482ded036d1c3"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
14317
X-Amz-Cf-Id
tP7cSCTUzKb4M_dzy0FDdVpDlxfMPDbWC9sy180p9Y-6N-oKuBj0dA==
Expires
Fri, 14 May 2021 23:39:26 GMT
5108848_240.jpg
img1.zergnet.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/5108848_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-26.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
effa040425cf8d55b9880966bab7a0d6047cf85514283c6bf1c044922acae952

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 May 2020 02:52:28 GMT
Via
1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 20 Apr 2020 21:03:09 GMT
Server
AmazonS3
Age
356063
ETag
"161b4a53c1d15b895ea3d009ff447c81"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
15784
X-Amz-Cf-Id
BvSb0alrn0CMZ3pjSUNMFrOA0B1KEZDNdADKJ0HNena3aqAlHto3NQ==
Expires
Tue, 20 Apr 2021 21:03:08 GMT
5169795_240.jpg
img4.zergnet.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/5169795_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-57.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d72f9aec4078a81f470b35d029db75b947872eb6d61331ab871d3cf983ce9c7

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 06 May 2020 00:47:02 GMT
Via
1.1 0a6bbd9174811c69f7dfb09b939e5b09.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 05 May 2020 20:03:34 GMT
Server
AmazonS3
Age
795590
ETag
"5ed48081957b0be142825be4d47b6824"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
9299
X-Amz-Cf-Id
9-ZDK7XwdGLoOvzK6SCo3g5XYeS9Tbu6b360rVGphBdts5fRuCD-sw==
Expires
Wed, 05 May 2021 20:03:33 GMT
5184756_240.jpg
img1.zergnet.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/5184756_240.jpg
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-26.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2f9e618182d3156aeed2dd1fa4606e429e0d5824c3a3bec86740e3292d6fc46

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 10 May 2020 04:35:37 GMT
Via
1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 08 May 2020 15:58:54 GMT
Server
AmazonS3
Age
436274
ETag
"cdcf1feb81a561bac2f4b36b9c29581d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
13816
X-Amz-Cf-Id
HiiBz7g4oQGYZ6pNsJC_ofXbKyFXiBWzRiDuw9qWgUDUy0MHrH3Omg==
Expires
Sat, 08 May 2021 15:58:53 GMT
local_storage_frame15.min.html
assets.bounceexchange.com/assets/bounce/ Frame 0CC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame15.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
assets.bounceexchange.com
:scheme
https
:path
/assets/bounce/local_storage_frame15.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
date
Fri, 15 May 2020 05:46:49 GMT
content-type
text/html
set-cookie
__cfduid=d51412ad1105e577987dd23b614e590b41589521609; expires=Sun, 14-Jun-20 05:46:49 GMT; path=/; domain=.bounceexchange.com; HttpOnly; SameSite=Lax
x-guploader-uploadid
AAANsUmB61-6LJaknqsbNkYHJfuS363hbdBi3Oqbb9IFL01MJIhgvrCgKMzzho05wBxy9_bT-XoOR6i2fVSu7HUhi2E
expires
Thu, 13 May 2021 16:15:20 GMT
last-modified
Tue, 04 Feb 2020 01:30:01 GMT
x-goog-generation
1580779801190315
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1084
x-goog-hash
crc32c=+XVPJw== md5=pFDBHqtx21P9aslGrvSXrw==
x-goog-storage-class
MULTI_REGIONAL
vary
Accept-Encoding
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
cache-control
public, max-age=31536000
age
135089
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
593a8f8dccd4bf0f-FRA
content-encoding
gzip
cf-request-id
02b8780c990000bf0f940ae200000001
link
t.skimresources.com/api/v2/ 		22 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
Jy1Devre.js
cdn.krxd.net/controltag/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/Jy1Devre.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df7354775f93f55bf04112a5828eba1925bc30af29bc6223eccfed2b94bd2fec

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
age
725
x-cache
MISS, HIT, HIT
status
200
x-app-cache
HIT
x-age
0
content-length
6232
x-served-by
config-service-a005-ash-prod.krxd.net, cache-bwi5128-BWI, cache-fra19183-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1589521610.246622,VS0,VE0
etag
"2282831c3394311327619f709f50b49b37057121"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 2, 2
ncg.js
us.tags.newscgp.com/prod/ncg/ 		127 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/ncg/ncg.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
236fc4df42ee397ce69f8b4db95eae6521d8698ad4e5c2e78c20b8adf8f3df23

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 May 2020 23:59:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 12:14:33 GMT
Server
AmazonS3
Age
20849
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
49qGIb5wqLyX3DBAgdgDN5-b9zYMu3E5enPfR35b1wxdUdjk6CENhw==
ml.br.js
js.matheranalytics.com/static/ltm/ma50638/961919700/4/
Redirect Chain
  • https://js.matheranalytics.com/s/ma50638/961919700/ml.js?cb=1533
  • https://js.matheranalytics.com/static/ltm/ma50638/961919700/4/ml.br.js
130 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma50638/961919700/4/ml.br.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
1336a1e668fb7d3226d7abb8e2228408e968bbb71f8f386191897d9175fd8d86

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 May 2020 20:37:43 GMT
content-encoding
br
last-modified
Fri, 26 Apr 2019 15:39:32 GMT
server
nginx
age
205747
etag
"6d4fab885d1b0710bb4ab11abce14987"
vary
Accept-Encoding
x-cache
HIT Fri, 26 Apr 2019 15:54:11 GMT
content-type
application/x-javascript
status
200
cache-control
public, max-age=269200
alt-svc
clear
content-length
39257
via
1.1 google

Redirect headers

date
Fri, 15 May 2020 05:46:50 GMT
via
1.1 google
server
nginx
status
301
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma50638/961919700/4/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
7-gc-euw1-10928
ucb.js
static.clicktripz.com/r/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.clicktripz.com/r/ucb.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-38.ham50.r.cloudfront.net
Software
openresty/1.13.6.2 /
Resource Hash
209cc3a5acdbafd9256770f9577e2ae35abad8877f495eff5656c680bc60be99

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:28:08 GMT
content-encoding
br
age
26325
x-kong-proxy-latency
0
x-cache
Hit from cloudfront
status
200
x-kong-upstream-latency
118
last-modified
Thu, 14 May 2020 22:27:57 GMT
server
openresty/1.13.6.2
etag
W/"5ebdc5ed-f9f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
kong/2.0.3, 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
1plmhuuJAty-Ux72T1oZQbRYJWg7NRPxkdmxh0jDLNximvW-YKxagQ==
expires
Fri, 15 May 2020 22:28:08 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F8DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=Xr4syVVbLiIAACBB-E8AAABF; CMPS=4352; CMST=Xr4syV6+LMkB; CMDD=AANELQE*
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html
Expires
Fri, 15 May 2020 05:46:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Content-Length
1662
Connection
keep-alive
Set-Cookie
CMID=Xr4syVVbLiIAACBB-E8AAABF;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 May 2021 05:46:50 GMT CMPS=4352;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Aug 2020 05:46:50 GMT CMPRO=203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Aug 2020 05:46:50 GMT CMST=Xr4syV6+LMoB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 May 2020 05:46:50 GMT CMDD=AANELQE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 May 2020 05:46:50 GMT CMRUM3=be5ebe2cca05a0&275ebe2cca0b40&285ebe2cca05a00&585ebe2cca05a0&2e5ebe2cca05a0&2d5ebe2cca05a0&c45ebe2cca05a00&9d5ebe2cca05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 May 2021 05:46:50 GMT
a-01qt.min.js
b-code.liadm.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01qt.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d8ea5ecb9df9893a3c2a94e77577f223f67a04f5d4ced41d304a352900ffc324

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
last-modified
Wed, 18 Mar 2020 09:50:40 GMT
etag
"591ed91b52da893b9ac928a2c2981dd9"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=364
accept-ranges
bytes
content-length
10475
v2
z-na.associates-amazon.com/onetag/ 		23 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=60bac51f-6fc1-4c7c-a16c-77ee5fd7f6ae
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.178.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-178-51.ham50.r.cloudfront.net
Software
Server /
Resource Hash
8ac8f69a1b0c44b402deeaf4f84d1f4c275313efe637e73bfdbac8a24b3afb81

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 14 May 2020 20:34:03 GMT
via
1.1 64cab3aa5eaf0c5f28d762c526424858.cloudfront.net (CloudFront)
accept-charset
UTF-8
server
Server
age
33167
x-amz-rid
CHN751017DWMPPSQ94EX
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
content-length
23
x-amz-cf-id
aemZwZk7635SzjMhpBWXkHRfqwGfxiQ1gcHs-qALJD_a8pp2Nw5PzQ==
static.min.js
cdn.exelator.com/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exelator.com/build/static.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eab5593abd1540432ae819c9b55c7b6ae8c1102ac24ed8147edc35b5c289d46a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 23:53:04 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 15:59:58 GMT
server
AmazonS3
age
21230
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
dNws.zffdClvQ.kxsytSP4buI.Z.z6Fc
status
200
x-amz-cf-pop
HAM50-C3
content-type
application/javascript
x-amz-cf-id
4_oOLnr4nHL6jPao4nXWiKrS0OgGRooYBfAXxEKsUsUh7o_CRSQH3w==
via
1.1 20997ca80e84f6ddda445ba948f015bd.cloudfront.net (CloudFront)
analytics-1.5.0.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.0.min.js
17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.0.min.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:2e00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48f91b42f40863f11d1675b9329cee9fa99d1f791f6a42c50be8a4e76b30116e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 16:58:59 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 05:56:23 GMT
server
AmazonS3
age
132472
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=259200,public
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
-tWe0aIW0vXrqFTdIEFBcSqJTAmjj6XFiOEyXCrmjnyHpQ9MsO_vBg==
via
1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)

Redirect headers

date
Thu, 14 May 2020 11:52:22 GMT
via
1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
server
AmazonS3
age
64469
status
301
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.0.min.js
x-amz-cf-pop
HAM50-C2
content-length
0
x-amz-cf-id
LhRjr4C644WUtII_vnhxdJjZ1ruOkfLj-u9vLOtZGyB1nKHhIV7aXQ==
P-A2229206-8f74-4692-9c75-1f3d78c142441.js
d.impactradius-event.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/P-A2229206-8f74-4692-9c75-1f3d78c142441.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d36b88ae4f3d2d389d5ae3f0ac6edd690c3db0c99fc423d8ae2d1b34a4a9b00e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:42:58 GMT
content-encoding
gzip
age
233
x-guploader-uploadid
AAANsUm6WmT42UjblxxsWKWonjkzi19cppKo4QIV6HkpT-lxWoAdrn0M7ZtJzChgCxK7rfYd9Vbt7htgP43e12jO-S2L9f73ZQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6499
last-modified
Fri, 01 May 2020 03:53:11 GMT
server
UploadServer
etag
"39ae3b7a973755ca8da4375b25d53f28"
vary
Accept-Encoding
x-goog-hash
crc32c=Q66UTg==, md5=Oa47epc3VcqNpDdbJdU/KA==
x-goog-generation
1588305191980640
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
6499
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Fri, 15 May 2020 05:47:58 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fpa...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fp...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&c9=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&ns__t=1589521609944&ns_c=UTF-8&c8=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&c7=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&c9=
Pragma
no-cache
Date
Fri, 15 May 2020 05:46:50 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame D841 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1653-0-g38b0fdf&siteId=622642
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.191.194 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-194.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html?h=v1.0.1653-0-g38b0fdf&siteId=622642
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
content-type
text/html
content-length
466
date
Fri, 15 May 2020 05:46:51 GMT
last-modified
Thu, 14 May 2020 16:18:52 GMT
x-amz-expiration
expiry-date="Fri, 14 May 2027 00:00:00 GMT", rule-id="Delete after 7 years"
etag
"ac4c11853291c5a2756611ba0a31a83a"
cache-control
max-age=600
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55547.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
JO0jzbAT6J6SYQLgPfOyuqoc_PlIpcrT1YY3UcUzl9xfIXhLQwd1Bw==
/
r.skimresources.com/api/ 		174 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
d2c5e0b2ad7bac0634d0cb3bcd97753b2d2ad792719a703cb946a90f3e4dc91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547100.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
lady-gaga-stupid-love.jpg
nyppagesix.files.wordpress.com/2020/02/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyppagesix.files.wordpress.com/2020/02/lady-gaga-stupid-love.jpg?quality=90&strip=all&w=322&h=213&crop=1
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa098959a8761aadc1d63242d40fbeb4ef25b671a1d5a60abc18f52dc8ce86e3

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 24 np
date
Fri, 15 May 2020 05:46:50 GMT
last-modified
Fri, 28 Feb 2020 17:12:45 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
23554
expires
Wed, 17 Jun 2020 14:47:35 GMT
/
srv-2020-05-15-05.pixel.parsely.com/start/ 		77 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://srv-2020-05-15-05.pixel.parsely.com/start/?rand=1589521610146&plid=95293164&idsite=nypost.com&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&sref=&sts=1589521610141&slts=0&title=REvil%2C+law+firm+hackers%2C+double+ransom+demand%2C+threaten+Donald+Trump&date=Fri+May+15+2020+07%3A46%3A50+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=1693505&callback=parselyStartCallback
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.232.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-232-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6823bc13a1c517075767ebf6fa41e448ad7cfc5529f3fd326f6de588e34d930c

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:50 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
77
Content-Type
application/json
cookie.html
us.tags.newscgp.com/prod/ncg/ Frame 0F89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
us.tags.newscgp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
fJnnaqOa6GQSj-UVq7FBop8TefmEeXxPxP5xzZUmck7qBIsU1cbGKg==
Age
21177
newsus.js
cdn.pprl.io/js/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pprl.io/js/newsus.js
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-57.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa66c534036afacee6243cfc690c77792f7a1d0270fbb43410fd29a0a19e45c0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:42:23 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 24 Feb 2020 01:48:51 GMT
Server
AmazonS3
Age
274
ETag
"1396a572a436bb340f5154dee2bd941b"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 0a6bbd9174811c69f7dfb09b939e5b09.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, s-maxage=600, public
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
19744
X-Amz-Cf-Id
nEbgZaDhB7vX3R75QFCwRXZDxJYTmI21U352801ozX4PltuafeWnpw==
quant.js
secure.quantserve.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.232 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15-May-2020 05:46:51 GMT
Server
QS
Etag
M0-004a9efe
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Strict-Transport-Security
max-age=86400
Content-Length
8025
Expires
Fri, 22 May 2020 05:46:51 GMT
39670
tags.bluekai.com/site/ 		62 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/39670?id=3f485834-c1d1-4c4e-897d-e51afe743113
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:50 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
64d6
Content-Type
image/gif
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/mapuid?member=7239&user=3f485834-c1d1-4c4e-897d-e51afe743113
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D7239%26user%3D3f485834-c1d1-4c4e-897d-e51afe743113
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D7239%26user%3D3f485834-c1d1-4c4e-897d-e51afe743113
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:53 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid
f15abcdb-8d89-4122-bff9-7eb777d8a888
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:53 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid
09738b17-ab2e-4088-b8a6-7e2c3cfdc55f
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D7239%26user%3D3f485834-c1d1-4c4e-897d-e51afe743113
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=newsiq&partner_uid=3f485834-c1d1-4c4e-897d-e51afe743113
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.141.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-141-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 15 May 2020 05:46:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1589521611
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n024-dub-prod.krxd.net
465646.gif
idsync.rlcdn.com/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/465646.gif?partner_uid=3f485834-c1d1-4c4e-897d-e51afe743113
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
149.8.241.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 15 May 2020 05:46:51 GMT
via
1.1 google
alt-svc
clear
i
us.pixel.newscgp.com/ 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.pixel.newscgp.com/i?stm=1589521610207&e=se&se_ca=aka&se_ac=link%3Adomain&se_la=3f485834-c1d1-4c4e-897d-e51afe743113&se_pr=pagesix.com&tv=js-2.9.0&tna=_ncg__0&aid=newsconnect-global&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f0dd8f79-dd40-4c94-a9c4-091ccbc75abd&dtm=1589521610205&vp=1600x1200&ds=1585x4812&vid=1&sid=5e1a2ba2-9527-4054-9010-b5a5d8f12560&duid=3f485834-c1d1-4c4e-897d-e51afe743113&fp=9633379&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.85.246.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-246-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:51 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
pack
rb.adnxs.com/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.201 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
32.ratbait.prod.ams1.adnexus.net
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=utf8

Response headers

status
204
date
Fri, 15 May 2020 05:46:59 GMT
access-control-allow-credentials
true
server
nginx/1.16.0
access-control-allow-origin
https://pagesix.com
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
/
log.ncaudienceexchange.com/pb/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.ncaudienceexchange.com/pb/
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=utf8

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
via
1.1 google
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,Keep-Alive,Origin,User-Agent,X-Requested-With
status
204
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-allow-credentials
true
x-appengine-log-flush-count
0
controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
cdn.krxd.net/ctjs/ 		249 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/Jy1Devre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
age
5583153
x-amz-server-side-encryption
AES256
x-cache
HIT
status
200
x-cache-hits
1333584
content-length
81295
x-served-by
cache-fra19183-FRA
last-modified
Wed, 11 Mar 2020 14:15:55 GMT
x-timer
S1589521610.295081,VS0,VE0
etag
"e4cdf7ad64ebac73f207c1ce55cc1727"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sat, 09 Mar 2030 14:15:54 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
last-modified
Thu, 14 May 2020 14:28:21 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1589466993.846892"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
akamai-age-ms
-1
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
7090
expires
Sun, 14 Jun 2020 05:46:50 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
last-modified
Thu, 14 May 2020 14:28:21 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1589466976.661692"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
akamai-age-ms
1589467055151
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
2735
expires
Sun, 14 Jun 2020 05:46:50 GMT
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=662ad4f5623a891e621b913f530e9781_770_1589521610182&tm=1361&eT=0&widgetWidth=618&widgetHeight=794&widgetX=334&widgetY=3010&tpcs=0&wRV=1070208&pVis=1&lsd=20ae19c9-22af-45ee-af6d-cfa5fbbba409&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
b1df21b32e1af4ccced839fd3ad2ee64
Content-Length
30
streamFeed.js
widgets.outbrain.com/nanoWidget/1070208/module/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/1070208/module/streamFeed.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54922dfd4913057b2171d1c45c6a0f20491af63413a854513b1880f206f726ef

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
last-modified
Thu, 14 May 2020 14:28:21 GMT
server
AkamaiNetStorage
status
200
etag
"526c0cc8b9796ce1eff05236411e0dfc:1589467020.373391"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
14956
get
odb.outbrain.com/utils/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&settings=true&recs=true&widgetJSId=AR_12&key=NANOWDGT01&idx=1&version=1070208&apv=true&sig=CdW8x6Ez&format=html&va=true&et=true&rand=87812&pdobuid=-1&osLang=en-US&t=NjYyYWQ0ZjU2MjNhODkxZTYyMWI5MTNmNTMwZTk3ODE=&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ref=&px=651&py=5284&vpd=4084
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29d35b22bc467de31d6859aeaa7dec16404beba88d7b6287f8ecac52fd806658
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
c88e60b462c836ce884b15f85e23506f
content-length
4258
x-served-by
cache-mdw17381-MDW, cache-hhn4021-HHN
pragma
no-cache
x-timer
S1589521610.320192,VS0,VE134
date
Fri, 15 May 2020 05:46:50 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.81
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6IjQ5N2Y1YTcyMzFkNGQ1YTU4YWRkZmRhYmY4NGU1OTE5NjZjY2NhMWZkMzA3YTI4N2Q1NDBlNTQ1YmYyY2VjNTIiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ5N2Y1YTcyMzFkNGQ1YTU4YWRkZmRhYmY4NGU1OTE5NjZjY2NhMWZkMzA3YTI4N2Q1NDBlNTQ1YmYyY2VjNTIiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e4645dea52b9b85141c17b741cec2869fab9aaf8b4fc65bf5592f508ca33087
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2020 18:49:20 GMT
Date
Fri, 15 May 2020 05:46:51 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2426927
Connection
keep-alive
X-TraceId
5d4b552aff5ea85afa6e21ea23e4cad6
Timing-Allow-Origin
*
Content-Length
24179
eyJpdSI6Ijc3MDY3MDhjOWFhZGY3MDFhNmRiNDNhYTBhYjQzYTUwOTMwNjc5YTg5MjgwZjUxOThjOTEzNTlkNTIzNjU0OWMiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc3MDY3MDhjOWFhZGY3MDFhNmRiNDNhYTBhYjQzYTUwOTMwNjc5YTg5MjgwZjUxOThjOTEzNTlkNTIzNjU0OWMiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c2554a0c3b800f208cc153bcf0801fa55bd70f4011697a82ef1abc323bec6f83
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Tue, 12 May 2020 09:20:40 GMT
Date
Fri, 15 May 2020 05:46:51 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2462400
Connection
keep-alive
X-TraceId
eeda1735bbdf534f702ad54265a28c5f
Timing-Allow-Origin
*
Content-Length
30951
eyJpdSI6IjViOTQ2NDFhYzU4OTdmYWY5OWE3NzEwNDVkZjliNGE2YjBjOGQyMjdlNTRmN2VmN2YxZGIxOGU5NWVkZjA3YWIiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjViOTQ2NDFhYzU4OTdmYWY5OWE3NzEwNDVkZjliNGE2YjBjOGQyMjdlNTRmN2VmN2YxZGIxOGU5NWVkZjA3YWIiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffe75c2a5e7469d66cca8dd00f766dcf60846ec0080c8aa565645f39db29fac9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2020 18:59:57 GMT
Date
Fri, 15 May 2020 05:46:51 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1104615
Connection
keep-alive
X-TraceId
7c995c76fa04e0d27b25742b2cb3f5f8
Timing-Allow-Origin
*
Content-Length
28497
eyJpdSI6ImU1OWE4NWU5MWVmZTVmMmQ2YjViYTEyMzlmYmU3ZTI4NGVhOGNjN2UwZTkyNzJlZmUyNWUyYjIwOWIwYzA5N2YiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1OWE4NWU5MWVmZTVmMmQ2YjViYTEyMzlmYmU3ZTI4NGVhOGNjN2UwZTkyNzJlZmUyNWUyYjIwOWIwYzA5N2YiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70628e3700b24d87417f87aad411696ef680a239b04489ae92fd4cc1c90ad5ae
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Tue, 12 May 2020 22:57:43 GMT
Date
Fri, 15 May 2020 05:46:51 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2444815
Connection
keep-alive
X-TraceId
8e519a012ff58255d3f716c4506b6fa9
Timing-Allow-Origin
*
Content-Length
15425
eyJpdSI6Ijg5YTFmNWEyN2JhM2Q1MmE1NTgyMmMwMzU1ZGFhOTEyOTdiNjI4MmJlNzk1MTc3Mzg1YzYzMjA0ZWI4ZWEwMTgiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg5YTFmNWEyN2JhM2Q1MmE1NTgyMmMwMzU1ZGFhOTEyOTdiNjI4MmJlNzk1MTc3Mzg1YzYzMjA0ZWI4ZWEwMTgiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f41877a0ab933a78bcdcc75ac9bb88181d1a6d1c1d6da35ac85d0626ae1512dc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 19 Apr 2020 08:37:00 GMT
Date
Fri, 15 May 2020 05:46:51 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1597635
Connection
keep-alive
X-TraceId
6679c7e4c4ae7069cd5bcbebe00acf8b
Timing-Allow-Origin
*
Content-Length
42906
eyJpdSI6ImFjZjk4NDJmZGJmOGYzNTJmYjgzYjUxZTBmN2RmNTFjYWVlY2YxNWVkMjA0ZGZhZTUzMDc0NjE1ZDgzMjcyYTYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFjZjk4NDJmZGJmOGYzNTJmYjgzYjUxZTBmN2RmNTFjYWVlY2YxNWVkMjA0ZGZhZTUzMDc0NjE1ZDgzMjcyYTYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65cddf5c9d9f57578f197e2bfc68308baf66f4484a9ce88b58eee560602404ac
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sat, 09 May 2020 16:19:10 GMT
Date
Fri, 15 May 2020 05:46:52 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2445422
Connection
keep-alive
X-TraceId
47070f4ac6a68586c372f7fa2610cd85
Timing-Allow-Origin
*
Content-Length
41926
eyJpdSI6ImYzNTFhZjYxMmY5ZDBiZDlkMWIwNjRkMzI2OTI1NmEwYzk3N2U3YjFlN2M4NmNlOWE4Yzk4ZTNhMWM4ZWM3MzkiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYzNTFhZjYxMmY5ZDBiZDlkMWIwNjRkMzI2OTI1NmEwYzk3N2U3YjFlN2M4NmNlOWE4Yzk4ZTNhMWM4ZWM3MzkiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ad5daee7005ddb42919d55a0f0b61ea8250d9073a99546793a8eb19fecdd5c3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 17:13:33 GMT
Date
Fri, 15 May 2020 05:46:52 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2458774
Connection
keep-alive
X-TraceId
aec485726ab89703468c9315229f7ecd
Timing-Allow-Origin
*
Content-Length
38946
eyJpdSI6IjVmYjY0N2IzYTk3OTgwMmY5ZjQ5NDhmNTEzMzAyMjdmOTYwNGFkNmI2Y2MxMWIzNjI4ZjY2MWRiZTRhNWUzZGQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVmYjY0N2IzYTk3OTgwMmY5ZjQ5NDhmNTEzMzAyMjdmOTYwNGFkNmI2Y2MxMWIzNjI4ZjY2MWRiZTRhNWUzZGQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2eca8ba3249ef64a990efba92c9bb26cc4cc1e23857a83c4714033ddce3b51d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 22:03:06 GMT
Date
Fri, 15 May 2020 05:46:52 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2451078
Connection
keep-alive
X-TraceId
5d02f3820a30f6871e1f4e07c07ae0a9
Timing-Allow-Origin
*
Content-Length
74170
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 371B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
recs_ada9ae79db0cf0558c96f17dc81cf1b8=0B2813817024A2774958102A2275839614A2812349080A2375991722A2782756512A2815445163A2815824383ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"55934d2eee012daae4d5234908aacef9:1586069622.523465"
last-modified
Sun, 05 Apr 2020 06:53:35 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Sat, 16 May 2020 05:46:50 GMT
date
Fri, 15 May 2020 05:46:50 GMT
content-length
3517
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1589521610~rv=42~id=51dc82e41217f4518b584d2d62c23602; path=/; Expires=Fri, 15 May 2020 05:46:50 GMT; Secure; SameSite=None
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 09:48:23 GMT
etag
"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-amz-meta-version
0.2.0
content-type
application/javascript
status
200
cache-control
max-age=3272
accept-ranges
bytes
content-length
2374
cookie.html
www.ncaudienceexchange.com/prod/ncg/ Frame 04E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-66.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
www.ncaudienceexchange.com
:scheme
https
:path
/prod/ncg/cookie.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
content-type
text/html
date
Fri, 15 May 2020 00:16:38 GMT
last-modified
Wed, 28 Aug 2019 23:03:03 GMT
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 4efecb7b2ace4b001ec9b1d536dcfc43.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
JkbrFBnq1zgbYdTJvMNp3w59YE6qVMR9PP94iaKHrWdoY6Aic-qIXw==
age
19813
cookie.html
tags.realtor.com/prod/ncg/ Frame 891C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.realtor.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-127.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.realtor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 ef32d25cab1f0dec4c6ff87f7986fe03.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
h1mv8ScUKgD2yHbgSx-LPzl3bk4ShqFhxHex6UGRzErzRIR66bQWDg==
Age
21177
cookie.html
tags.barrons.com/prod/ncg/ Frame 80D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.barrons.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-25.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.barrons.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Fri, 15 May 2020 00:14:39 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 2aad8fcd2689a21927951e9c238dbd00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C2
X-Amz-Cf-Id
0OZdZlPf36fBEFfOOdsn_TNBrWDD97dyp_8O8WqeKumHZEfy_SSaDQ==
Age
19939
cookie.html
tags.mansionglobal.com/prod/ncg/ Frame 656E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.mansionglobal.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-102.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.mansionglobal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
8TVweJko0MmO-gmHqaZ-3WjYEvxeYb3X_ncAPEm1NvcRoBkGWhVOJA==
Age
21178
cookie.html
tags.marketwatch.com/prod/ncg/ Frame FD48 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.marketwatch.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-127.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.marketwatch.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Date
Thu, 14 May 2020 18:03:36 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 d0a9a72e5bf584d7f4cd7045997db51e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
qJhZXnH0AleO0WGjdqU5YhKlpIbWfPe4yfKoKIDOgNVv7sq-h9ORsQ==
Age
47724
cookie.html
tags.wsj.com/prod/ncg/ Frame 640E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.wsj.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-127.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.wsj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 8a1ff83d003e2ec239013528078f9675.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
xvuHc8wRkOipqrkl3X-H4p0gbTwGA0W62maHL8fHpv7YmydqCPuzkQ==
Age
21177
cookie.html
tags.nypost.com/prod/ncg/ Frame 11BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.nypost.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-102.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.nypost.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 5828aeb3ed46863908c51896fd6ce33e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
2WqySBPmsLP2PbfDUi2ieOFLTkoDCrwa4OvlVD6XDQ4-CmDfkc5IAA==
Age
21180
cookie.html
tags.decider.com/prod/ncg/ Frame 5D3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.decider.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.decider.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 14 May 2020 23:53:54 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 fd2461c1fc276b0abb08db5092b879f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
wZ7_NPh4DO3FlETxJdwuROnC1cAM9la_sIJIdSPBVC8D-7rxcSGVzA==
Age
21180
cookie.html
tags.knewz.com/prod/ncg/ Frame AE3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.knewz.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
tags.knewz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Content-Type
text/html
Content-Length
5976
Connection
keep-alive
Date
Fri, 15 May 2020 00:12:29 GMT
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
ETag
"27a77bbc87eed7c50fbccf9c936e316d"
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Hit from cloudfront
Via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
EASwvLfnKRScGPMLKTy9f8sQau94GkldZQFHdddGSCHU2BWQMo3R2w==
Age
20062
p
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a-...
  • https://rp4.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a...
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rp4.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&duid=aa5d4a657ed8--01e8bdxxjjg16k5t50pactcbb7&se=e30&dtstmp=1589521610469&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-164-102.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pagesix.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:54 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.16.1
vary
Origin
x-frame-options
DENY
content-type
image/gif
status
200
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; includeSubDomains
request-time
1
content-length
43
x-content-type-options
nosniff

Redirect headers

date
Fri, 15 May 2020 05:46:52 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.16.1
request-time
0
status
302
x-frame-options
DENY
location
https://rp4.liadm.com/p?tna=v1.1.1&aid=a-01qt&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&lduid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&duid=aa5d4a657ed8--01e8bdxxjjg16k5t50pactcbb7&se=e30&dtstmp=1589521610469&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
content-length
0
x-content-type-options
nosniff
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&page=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&wrdcnt=731&sec=page-six&pubname=Page%20Six&ptype=article&auth=Emily%20Smith&artupt=1589509372&arttype=column&artpubt=1589503389&artid=5254311&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=4&tid=1c03a5d6-633a-47c1-a2a4-1c7fe47e7e23&pid=acfcefb8-de5e-4b99-af51-0e4785b1151f&dtm=1589521610559&qnm=_matherq&visible=1&tabid=ebd44ca1-f3aa-46e5-bdf9-fbc7938a6a69&vp=1600x1200&ds=1585x5806&tofa=1589521611&vid=1&duid=11d2d59eb56dffef&fp=9633379&cid=ma50638&mrk=961919700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU4OTUyMTYwNzY1NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNS4wMTkzMTVtYiIsImhlYXBUIjoiMzAuMDY0NDkxbWIiLCJmc3RQYWludCI6Ijc0MiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIxIiwiY29ublMiOiIxIiwiY29ubkUiOiI0OSIsInNzbFMiOiIxNSIsInJlcXVTIjoiNDkiLCJyZXNwUyI6IjIxMyIsInJlc3BFIjoiNDg3IiwiZG9tTG9hZCI6IjIxNiIsImRvbUludGVyIjoiMTYyMCIsImRvbUxvYWRTIjoiMTgxNyIsImRvbUxvYWRFIjoiMTg1MiJ9LCJrZXl3b3JkcyI6WyJkb25hbGQgdHJ1bXAiLCJoYWNrZXJzIiwibGF3eWVycyJdLCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjgwNDU4NDA1IiwicmVmVGltZSI6IjE1ODk1MjE2MTA1NTgifV19
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.139.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-139-223.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:52 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
get
mv.outbrain.com/Multivac/api/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&settings=true&recs=true&widgetJSId=AR_3&key=NANOWDGT01&version=1070208&apv=true&sig=CdW8x6Ez&format=html&rand=90369&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=NjYyYWQ0ZjU2MjNhODkxZTYyMWI5MTNmNTMwZTk3ODE=&winW=1600&winH=1200&adblck=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=no_abtest
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cb974a93b519a855e821da1be4fc5914067122ed3cd54276aea6ecaf2b9a499

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
a00c573f87e7f7ff7435318d3d6beb3a
content-length
11244
x-served-by
cache-mdw17323-MDW, cache-hhn4021-HHN
pragma
no-cache
x-timer
S1589521612.189645,VS0,VE274
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.23
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 5593 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cdn.krxd.net
:scheme
https
:path
/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Fri, 15 May 2020 05:46:50 GMT
via
1.1 varnish
age
59987723
x-served-by
cache-fra19183-FRA
x-cache
HIT
x-cache-hits
484630
x-timer
S1589521611.625926,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
127.js
cdn.keywee.co/config/ 		203 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/127.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:2e00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fbab5c4ef7c1522822aa0afb0a2afc77d8a16dd5f417fb2f1f4d1d82455029b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 14:43:44 GMT
via
1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
last-modified
Thu, 15 Nov 2018 09:11:16 GMT
server
AmazonS3
age
54187
etag
"1cbac355d09147fea0d6631a9d11edf6"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C2
content-length
203
x-amz-cf-id
8-GvrYYC41YhSM_8myXIZL78TjKKwwDJBijgOy4nDm5GX9Su2QNtdQ==
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=1a6375bd0626e90dc7326ba14effa34c_770_1589521610394&tm=1765&eT=0&widgetWidth=303&widgetHeight=267&widgetX=656&widgetY=5272&wRV=1070208&pVis=0&lsd=b0b0ba53-4863-4c35-948a-73a8f8d7dfcb&eIdx=&cnsnt=no_consent&ccpa=1---&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:53 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
61fc38fc6b9f9c2836271e1125feb3aa
Content-Length
30
eyJpdSI6ImNjMGM4ZGIyMDU3ODRjNzExZDBkMmMzZTI5YTIzODJhZjI3MDNkOGVkZWE2ZjJjMGZmYWIwNTVkMjUwNzZhNTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNjMGM4ZGIyMDU3ODRjNzExZDBkMmMzZTI5YTIzODJhZjI3MDNkOGVkZWE2ZjJjMGZmYWIwNTVkMjUwNzZhNTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a250727e0d82e2efbfad0b96c90e07bf45b628f272b30d49c27515753d36b51
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 14:48:58 GMT
Date
Fri, 15 May 2020 05:46:52 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2409977
Connection
keep-alive
X-TraceId
cacea05cd9f6b39f79baaca066539456
Timing-Allow-Origin
*
Content-Length
24555
004480f6-3846-481a-abb4-46a3293402ae
consumer.krxd.net/consent/get/ 		221 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/004480f6-3846-481a-abb4-46a3293402ae?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4988989cf736a9a88fa52858a321389902bf69e893793fba2558b89d7093728f

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
1
x-served-by
consumer-a006-dub-prod.krxd.net, cache-hhn4081-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
status
200
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1589521612.229799,VS0,VE0
content-length
179
via
1.1 varnish
x-cache-hits
0, 1
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics-1.5.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:2e00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 15 Feb 2020 12:23:24 GMT
content-encoding
gzip
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
age
7752207
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
sJW-Pj0Agf_KrAstqnrKQlgVN5GQJOJhxJnu65EYYu694wqxTSq8wA==
via
1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics-1.5.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
IliiFeMXqq2fBKCsGa2AoJz7i8TPETO9OHZM/TbQfliKCrbf82X03eaufVzBuFIgDOsjgwhUdPVnD8CkTSD87g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 05:46:52 GMT, Fri, 15 May 2020 05:46:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4179979878822909&correlator=1293874336210998&output=ldjh&impl=fifs&adsid=NT&hxva=1&scor=1374536008517624&eid=21065782%2C21065976%2C21065724&vrg=2020050602&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200515&iu_parts=5850%2Cpagesix.desktop%2Crec_atf%2Cstories%2Cbillb_atf%2Crec_btf%2Cinline%2Ccustom%2Cskin%2Crec_widget%2Coverlay_fullpage%2Cnative&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F3%2C%2F0%2F1%2F5%2F3%2C%2F0%2F1%2F6%2F3%2C%2F0%2F1%2F7%2F3%2C%2F0%2F1%2F8%2F3%2C%2F0%2F1%2F9%2F3%2C%2F0%2F1%2F10%2F3%2C%2F0%2F1%2F11%2F3&prev_iu_szs=300x250%7C300x251%7C1x1%7C300x600%7C300x1050%2C970x90%7C970x250%7C978x250%7C1x1%7C1x11%2C300x250%7C300x252%7C1x1%2C1x7%7C1x1%2C1x12%2C1x2%7C1x1%2C300x255%7C300x250%7C1x1%2C1x4%7C1x1%2C320x50%7C1x6%7C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Cstrnativekey%3D1d61rfV5ArKdbiFWDUxcQKbD%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Cstrnativekey%3DLHRZbGizc6JTyFLPgBxihN4H%26amznbid%3D2%26amznp%3D2%7Cstrnativekey%3D1d61rfV5ArKdbiFWDUxcQKbD%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=authors%3DEmily%2520Smith%26page_type%3Darticle%26content%3Ddonald-trump%252Chackers%252Clawyers%26site%3Dpagesix%26ksg%3D%26kuid%3D%26psg%3D300003%252C210001%252C110000%252C110002%252C120000%252C120005%252C120003%252C78luxp%252Ci0fs8e%252Cwymtqt%252C469txr%252Ccqrq1y%252Cssy5n7%252C8byqwu%252Cnqjz0i%252Ciq3i3c%252Cekyf9g%252Cnbpe6e%252Cso8iwm%252Cufeznu%252Cemgiow%252C77i9s2%26video%3Dnone%26nckey_userGroup%3D6&cookie_enabled=1&bc=31&abxe=1&lmt=1589521367&dt=1589521610787&dlt=1589521607870&idt=1647&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adks=422875724%2C3889055879%2C3930521215%2C2600768620%2C1184574182%2C3026137908%2C4091859339%2C1470336576%2C2909627622&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&dssz=149&icsg=0&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C1585x0%7C300x2521%7C1585x5985%7C1585x5985%7C1585x5967%7C300x0%7C1585x5967%7C300x0&msz=300x250%7C970x90%7C300x250%7C1x7%7C1x12%7C1x1%7C300x255%7C998x1%7C1x6&ga_vid=80458405.1589521608&ga_sid=1589521611&ga_hid=547361830&fws=128%2C128%2C128%2C128%2C128%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
129b41910f1bca259f0d9152c3518d04a0637c78418e905faa13ba58ef9bea15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12444
x-xss-protection
0
google-lineitem-id
5095523440,5095523404,5095523401,5095522732,-2,5095523419,5095320711,5095523437,5095522735
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138233898272,138233952676,138219690142,138212961504,-2,138234171079,138219690142,50763423215,55803230735
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pagesix.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
i
pixel.keywee.co/ 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1589521610850&e=pv&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&page=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&tv=js-2.9.1&tna=cf&aid=127&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=3ec4ee8b-7911-495d-89a7-9b6c1502974d&dtm=1589521610848&vp=1600x1200&ds=1585x6036&vid=1&sid=32adc60e-04f9-4b11-9d6b-8163eb195bc4&duid=97b0319a-54d1-4393-a142-c8f706463fc4&fp=9633379
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.21.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-21-30.compute-1.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200, 200 OK
date
Fri, 15 May 2020 05:46:52 GMT
x-content-type-options
nosniff
server
nginx/1.17.6
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame 9F2A 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136175
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
5WeJP0dxdd9P75G-pX2Py-NAFeK-vdI01M5qSzIP88jsCgvF0bsIKQ==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame 9F2A 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343282
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FE3psXx2MW7ZJDZRrK9_zWcCUqob8zM_Wkp2Xvjtil6zFsJVACGbVQ==
2656502389547008921
tpc.googlesyndication.com/simgad/ Frame 9F2A 		926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2656502389547008921
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 08:31:20 GMT
x-content-type-options
nosniff
age
2495732
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
926
x-xss-protection
0
last-modified
Mon, 21 May 2018 18:58:02 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 08:31:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame 9F2A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 9F2A 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:50 GMT
l
www.google.com/ads/measurement/ Frame 9F2A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5AQnauHwTrGXKCdZyr_uOd-L6w5rhjglT_spBNM3zXnEmWySQa4NDeWm5nMiliaFr1_6kk3qdys80yN9pgA-MT3vKkw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame 9F2A 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51268
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 9F2A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame 9F2A 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095523440
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:50 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame BC0B 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
EDXcfm0QcS8bloO8QOR6KQXHFXOFNKp3-ePv-CLopHa-SLFvfwmXzw==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame BC0B 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
5lL9vcq6JlcJC3LcfknzkUyS-FHVyKdprLr9-F2IN2HOg_SIpEWWug==
9802214028941331714
tpc.googlesyndication.com/simgad/ Frame BC0B 		926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9802214028941331714
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 17:33:52 GMT
x-content-type-options
nosniff
age
303180
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
926
x-xss-protection
0
last-modified
Mon, 21 May 2018 18:55:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 May 2021 17:33:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame BC0B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BC0B 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
l
www.google.com/ads/measurement/ Frame BC0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRw1rMrBMom_QuwIdc1pV9qEFfkusKoS0SXHG4KA_ffpDVqkMwV8_A01rqd6N-ui8JFmeIPnWYXUtkOwxHHcpVeexn9QA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame BC0B 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame BC0B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"5c32dc50-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame BC0B 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095523404
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame D862 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
E_ZUj_XhU5_0erAuUkJVhTvKIqykfuK4xP0hKKUq22oQ_1YvYx7rbQ==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame D862 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
H6oyngRAe6mtCE6Wwiqg6J4d5Rn_TIcQ3LWEiz5Q5itQEjrqRtAbvw==
7722809609799656118
tpc.googlesyndication.com/simgad/ Frame D862 		926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7722809609799656118
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 01:14:16 GMT
x-content-type-options
nosniff
age
793956
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
926
x-xss-protection
0
last-modified
Mon, 11 Dec 2017 00:02:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 May 2021 01:14:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame D862 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D862 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
l
www.google.com/ads/measurement/ Frame D862 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHxT1xJueE0EOb2jdJLcvceOao0fOyp5Y8q5ZvxnNVhUJyXC5MmPbWSslLd73muvNF1Tb5K_i5YdDvWEcd4hrXfaEhOg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame D862 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame D862 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a16-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame D862 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095523401
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame 6117 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
NSKDLfGQQVD-9oy-ZTICBj0e2ukaXTljhuw-3jtT7uoimvsTJrbTvg==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame 6117 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
GiXHKiIwfDsMMqeM7QvFYy7xnK8devlt2TKnkt24GK5sDNH_LQjtTw==
1754342565589426539
tpc.googlesyndication.com/simgad/ Frame 6117 		807 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1754342565589426539
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 Apr 2020 11:11:20 GMT
x-content-type-options
nosniff
age
2918132
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
807
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 15:58:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Apr 2021 11:11:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame 6117 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6117 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
l
www.google.com/ads/measurement/ Frame 6117 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyBJ2MkO7oMqFxs4HFBcjG0ejveaNZk2xiNEf_SewtWd4mE20sxH3Gv0x-ZQd9LEWFh_6QtPOQ_4yksvbUza4mNU12DA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame 6117 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 6117 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame 6117 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095522732
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame 16E7 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
PMSL4sSCXI8NuJQXdeapzq2JFaDtxiLltosmj6T7FkQ4kXsmS3uwSQ==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame 16E7 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
MEHG6bjyrlCfLDv3zRGA9Xs-PswbVX9YPAxusFrHBnGGFMM9zStpbQ==
15083381910461318741
tpc.googlesyndication.com/simgad/ Frame 16E7 		926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15083381910461318741
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 23:45:32 GMT
x-content-type-options
nosniff
age
3045680
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
926
x-xss-protection
0
last-modified
Wed, 23 May 2018 12:23:26 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 23:45:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame 16E7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 16E7 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame 16E7 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 16E7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame 16E7 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095523419
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame 7033 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mStBZZzQE0dE7iDX7YEC03ALOD5A-tulhva751URx0nQoECrNVbW5g==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame 7033 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
HecDgRtO2pCU5LABijKDACBpo5MKzZqPIt0YEoYI9NZxdyOe53-RMg==
7722809609799656118
tpc.googlesyndication.com/simgad/ Frame 7033 		926 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7722809609799656118
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 01:14:16 GMT
x-content-type-options
nosniff
age
793956
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
926
x-xss-protection
0
last-modified
Mon, 11 Dec 2017 00:02:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 May 2021 01:14:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame 7033 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7033 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
l
www.google.com/ads/measurement/ Frame 7033 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiD4PxyuBs7F04LIuH-tvUU1lFQKQQMS300fqFCSzASCvjcriJFwQJT2HQIilwCWOiI2u82zfGjH20nKKidWDEbjyyoQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame 7033 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 7033 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a16-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame 7033 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095320711
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame A878 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ASo3DeAxHditOhZSTa9igtirB5kqtOJSqZPmRKlc5kzGcxQYtj5iJg==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame A878 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tN75xo2B2T0j46PcCOKw89IOXzzM7QSSa3z0CnN1K6a4JKYo_YXnBg==
14445307390641678809
tpc.googlesyndication.com/simgad/ Frame A878 		631 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14445307390641678809
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 17:38:28 GMT
x-content-type-options
nosniff
age
1858104
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
631
x-xss-protection
0
last-modified
Thu, 15 Oct 2015 13:13:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Apr 2021 17:38:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame A878 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame A878 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
l
www.google.com/ads/measurement/ Frame A878 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRejbqcYToRvR_xO9DyXmaTsP3ToxjSHUje6npgNVKCuPW1rKT1jkzF1hPuz-d7CFiG5Q7vtYGl3Uq-ZfyeW1Hd16TUTw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame A878 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame A878 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame A878 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095523437
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bl-2a28c82-a54dd07f.js
tagan.adlightning.com/nc-nypost/ Frame 8277 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-2a28c82-a54dd07f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 15:57:16 GMT
content-encoding
gzip
age
136176
x-cache
Hit from cloudfront
status
200
content-length
41126
x-amz-meta-git_commit
2a28c82
last-modified
Wed, 13 May 2020 15:56:34 GMT
server
AmazonS3
etag
"12ee7a91eae13d49c2ef1cbdbf8468dd"
x-amz-version-id
Jb9CAVmC0uB2z7F4SGiitLuI3UJUaD03
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
APhO-y2L4P99mOtfOiU-u2iYFl9h71ZCLICFk66hTJL0AV2goCxIdw==
b-0d4dfcb.js
tagan.adlightning.com/nc-nypost/ Frame 8277 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-75.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:38:49 GMT
content-encoding
gzip
age
1343283
x-cache
Hit from cloudfront
status
200
content-length
12448
x-amz-meta-git_commit
0d4dfcb
last-modified
Wed, 22 Apr 2020 03:15:53 GMT
server
AmazonS3
etag
"4b7672b7833e64e3ddc48bafb06c3c86"
x-amz-version-id
ekypVS20YQAaQ3xs.mWRk9UsoxVK71Ad
via
1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6SdKEvspbk2Gwdm_tn8ipXsp5_6Tv2GMsgQe6KIcuB63St6ZujZBNw==
3080221147358048708
tpc.googlesyndication.com/simgad/ Frame 8277 		119 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3080221147358048708
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 04:19:59 GMT
x-content-type-options
nosniff
age
782813
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
last-modified
Thu, 08 Sep 2016 16:44:33 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 May 2021 04:19:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/ Frame 8277 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200511/r20110914/client/window_focus_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 04:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
1097331598879969194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 May 2020 04:36:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8277 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Fri, 15 May 2020 05:46:51 GMT
moatad.js
z.moatads.com/newyorkpost462244537432/ Frame 8277 		300 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/newyorkpost462244537432/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 17:47:18 GMT
server
AmazonS3
x-amz-request-id
EFD0049AD8371F38
etag
"01d7ea2dfc2fe1b3ff7bb6f4bbac76d7"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=51267
accept-ranges
bytes
content-length
102271
x-amz-id-2
iyzkG36JXoCxwSngorObnYvmEkaatXsNqsRmJobLwrKbWwzrAbBvVqkIwJAsV0ig5B71d7JJUm4=
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 8277 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"5c32dc50-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
p-fx75g3JszSBqD.gif
pixel.quantserve.com/pixel/ Frame 8277 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fx75g3JszSBqD.gif?labels=_campaign.media.Advertiser%20ID.34934255.Campaign%20ID.2559072403.Line%20Item%20ID.5095522735
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:52 GMT
Server
QS
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5eCYgK0laU2J9q769my-sucS1d6RtHYxWeUTtvMoESW5S_oVbHvXiposDRXcd8EAdt8sZw-F6qXvRIWsD6-NefO5kC_okg13Gk9FeUMo8hwSJD0IIo40FYWx38NLFcEaJfNPkq6mqF8zNnw0CzCmCSN7lBoxglVwzrEEx3P9QI5x0U2uLLDKW7PvS8MqBzN51aAuwsIpWYBdq1gaVdusvp-Lo-GuvEKTvfJt4MU-cNBUsUKH9Tqao_8uYWA1Sb1Gg70azOtg9RhlHAz1aaV0R&sig=Cg0ArKJSzHK9mZ9O2Ly_EAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BC0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQMxYt5n_WEbhP6sB9WjMajjy0VnXyv7W9L6vpAosNoVV1_F5x53Lu443J2gPUvpqhkEwXT8-jt_7Q1ARs8aJ-B_Xy4OzukiCO83hddBX9PdOqC6CF1_g1-mnmV_WLBItV8qaAJgdYK7-WQG-JIqAUlzvDuf7aoBuzpJwad00pxp822d-D-QTMCHAFPAc4L0L75_sOZ4aTFZUSb9cnW1FVqSyjp6eYfxoAQHs_R_b-GVUALECyz-S2s9pOuJG7wdzVpg3CNQBrYfSydmOeRgnJ6Lw&sig=Cg0ArKJSzJQ0t18lxfOVEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9F2A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2d50594fec0b7c273c3554ec222aff74fb5e77f143341f63ea683deb4762f72

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC0B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
713566c50bdfc813c89d0f19f95ecf61e0c1df36449a8c523e32d05076e3e42a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame C51F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52566
date
Fri, 15 May 2020 05:46:51 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 9F2A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
age
1106
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521611.387595,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
49
n.js
geo.moatads.com/ 		127 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=2073353136&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4BS8BwCBQmIoRBBCzBz1BBCTCyBBrcjBC4ehueB57M19aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Gw%23W%7BfQCZI&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=NYPOST1&hp=1&wf=1&vb=9&cm=23&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1589521611322&de=518778509235&m=0&ar=31f9dba90d-clean&iw=24d0cf9&q=2&cb=0&ym=0&cu=1589521611322&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=34934255%3A2559072403%3A5095523440%3A138233898272&zGSRC=1&gu=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&id=1&bo=94708775&bd=94964015&zMoatOrigSlicer1=94708775&zMoatOrigSlicer2=94964015&dfp=0%2C1&la=94964015&gw=newyorkpost462244537432&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A742%3A742%3A0%3A1620&fs=180167&na=1384226270&cs=0&callback=MoatDataJsonpRequest_23896767
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/newyorkpost462244537432/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.155.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-155-56.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
d9683dc366967b4ebe573a0cf9775f72dba839becbc4f5f916da68e6e7f47901

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
server
TornadoServer/4.5.3
etag
"35be158a959d630bbc331162f21fb0718ec26794"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
127
index.html
z.moatads.com/serviceworker/ Frame BA14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52566
date
Fri, 15 May 2020 05:46:51 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame BC0B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
age
1106
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521611.468975,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
50
view
securepubads.g.doubleclick.net/pcs/ Frame D862 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv145h808S2JzkKnUN0uZNqc2Gi7EvpVFArN59ngxn_OScd6nkUDcoTXX0T_hpPEnE4Sk4I9FMPAk-kYGYUnuo88UPq6xM3IyVb11YprgRP2ncBMNIO8weGRoI3OcEId6IdmpucFoEj9ARODs5OYPOgWUBNsvUnAUOq1vUU1Zgl3EkDcLkm5ux4ikrrphShr3dXiOq-aPt4SLUQmt1_oT1J3qsjimdnX3RFfp52DeN5mqqLagw7_KIY3Q706ekGCiw7gQyYIZm4A4d7K-OZIdID&sig=Cg0ArKJSzIpFExV9P4b4EAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame D862 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c795cc787b087b839a86ae383d0d9db44b4eb1d07baa6a48ea4ba7950dafe9ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame 97AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52566
date
Fri, 15 May 2020 05:46:51 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame D862 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.621410,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
51
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame D862 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"5c32dc50-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
view
securepubads.g.doubleclick.net/pcs/ Frame 6117 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-tUDOvryJEr4UpKx4slB8xJ1FgKtMhwswoE4ANV6MyFBS1-niGg1HGkqJdu_OLU7pKf_yvCEhZ_ECoy5TH4Kfs0Y2wYBoJk5Shr8rifMYPEcqPOgWNEwpz-pyS-b6Nm9XpW1NoiYx8X7etoJTjfvxC-xy9wvdLtu_Cd0i7TGQ5RhgJTPM8dzFwFKO4lKqBAAfvfqwm7cvmFm2CdUibZxhG3EtWnG6Ol7mkJ5rHQMIvHr341pWyoqWUIpHiNoc5judhJ828o8bTFzrLqLI3nI&sig=Cg0ArKJSzB6oBJvdkIhHEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
z.moatads.com/serviceworker/ Frame C36F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52566
date
Fri, 15 May 2020 05:46:51 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 6117 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.748156,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
52
view
securepubads.g.doubleclick.net/pcs/ Frame 16E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0aeUYE1gdk16slViIHn8Eml83RB0NsFkmcodBopzmOGEhKvpCS2AMJdZq2Hj46LJwZlp2owZmmAHVENDS4mMD0sH1uOJ8KAcwXDs3vrkT24upgIGuPGlFU1H4d7YVZUU3fR229EYkjbwNQf-lHJLnPxx8soSKXNBpkp_wUCpXr4Ph9bAPyyWWeZxYHLLdpcWTHgSKodwn5NL_t6AnLemwNh7dmKFKx7g729jkpIJ1H2vrl6qC5x8f150ytOB1x4NBnXvKyEIxmm-OTvJt&sig=Cg0ArKJSzOBBrsHrFJbVEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 16E7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f7497ade81ade5d92575a13dfb302ee800ee214b1d0d388db27ab0c021276f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame 1B00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52566
date
Fri, 15 May 2020 05:46:51 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 16E7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.837700,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
53
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 16E7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:51 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
view
securepubads.g.doubleclick.net/pcs/ Frame 7033 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAOByDaS2mHFOM2_KsgTMess3xQcBF6R3ut3Bya3Kk_Yvp5qhfhwgMZGgaEvI56Di_erjazza1qxre7bUhd2hdi6jTSguiY5lYcixVhmNnuLxDSMahNUlhfV4O2-keiqfZUWWJJ1TTDsVZ-U98I4QEoMHB6d5DM9nqIFRfP5E6KNpOUTY_brJYHcmDYaelRZMIKioAowODW8xCekJ2_fSIoc6BnKqyZbNn0JbQRRkRboqxJUwunSQoGtdumyid2UdB_u6KrwIcoVAdSXgTFZnb9a-E&sig=Cg0ArKJSzCBA_CPre1mPEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:52 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A878 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3FI9wvgKLkvoawsWHAtmDlen-o6rkWly7g0fUTV4jZhIULanA9FDuHCIs9X18k2GO8w02w-PoCXD-8zAVXjzWhSCZu4fsJAmrKXaCI-D0LxnuF9fKiSgGfzrX0qcF4UAfh-F_89SL6B6b6WCR3OHRj3lZoqhUnYqXH_J7Mk0sehmTYre8GsxQI7m4i9F9tz9WgtU7nnqjKWoBP4PwLWD1kZqWzPTjdsT5IsbvNEqJWwFA0GzdVV_OrLJ8M1Mc8fzaxSPKy-Lwr3vp-90iYrOxdRT8CPfibvTQ&sig=Cg0ArKJSzDYYB3oXwCYMEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:52 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame A878 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9a6890fc807e81b296b1b67618caa66fb465b741a1d96d792a397543c72836

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame 2BD8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52565
date
Fri, 15 May 2020 05:46:52 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame A878 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.133823,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
54
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame A878 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
truncated
/ Frame 7033 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cec55c6da0afbefc08eefe25fe36f2ec1b807183f7abadf96351511d7f56102e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame DE88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52565
date
Fri, 15 May 2020 05:46:52 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 7033 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.198728,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
55
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 7033 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
server
nginx
etag
W/"5c32dc50-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
view
securepubads.g.doubleclick.net/pcs/ Frame 8277 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIkvfy0hPfRT5fxiTMuX-oe4CwESb7K22Jax31WyTHB_19Ls65pSEsO1hMlkIpWkdjJWnv8WpihGUTf-5IEETcACPQ1JyascUEuc5WT-HX6leBuv5lMrS4ENB9OllZLdvwPOflzWUQHBpRQYzEwrV1z12Wu8EARAfAfXaM2AmI-giWOIB2CdWpTM7w5izIYPnVoYkZ9KEbDUz8auq9ricR-NqK-P2hNrCpLYnxYm4lCyb29rnBC8i06myCqOyjO-W-PP_4CXgQBd6XehOAx9o&sig=Cg0ArKJSzPyIyfcHYnKlEAE&adurl=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:46:52 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 8277 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd479e1c34219ab4ba5c82776d6b879f6ebca03a7017521c00acb8f538b8f472

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
index.html
z.moatads.com/serviceworker/ Frame C14E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/serviceworker/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/serviceworker/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
x-amz-id-2
tEI+29/usm6togpnbCSTUmD895bOK/TzHph7Vj5PjRC35k/aGjEcEWANpua2W/ew4g2uZQGiwIQ=
x-amz-request-id
052C26EC7B59E1B5
last-modified
Mon, 13 Jan 2020 15:12:15 GMT
etag
"556947e7caedde54b35b41fec5b6ad30"
content-encoding
gzip
accept-ranges
bytes
content-type
text/html
content-length
3295
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=52565
date
Fri, 15 May 2020 05:46:52 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 8277 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=nyp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
1107
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
status
200
content-length
3316
x-served-by
cache-fra19183-FRA
last-modified
Wed, 13 May 2020 00:28:42 GMT
x-timer
S1589521612.454874,VS0,VE0
etag
"915a09611e3cb158f28a32849d8bdf7c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
accept-ranges
bytes
x-cache-hits
56
u27pbd480.js
pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/ Frame 8277 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/%E2%80%98https://cdn.krxd.net/controltag/u27pbd480.js
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
server
nginx
etag
W/"59510a17-7e5"
vary
Accept-Encoding
content-type
text/html
status
404
x-ac
4.ams _dfw
/
fubotv.pxf.io/xur/0/ 		46 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fubotv.pxf.io/xur/0/
Requested by
Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/P-A2229206-8f74-4692-9c75-1f3d78c142441.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.231 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
231.76.201.35.bc.googleusercontent.com
Software
/
Resource Hash
911554b5b2df32333c3bc54a4c2980da6ba27b784e926d0db768c79622a719f5

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:52 GMT
via
1.1 google
status
200
p3p
policyref="\/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
alt-svc
clear
expires
Fri, 15 May 2020 05:46:52 GMT
get
cdn.krxd.net/userdata/ Frame 9F2A 		224 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.838850,VS0,VE97
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 3
i
us.pixel.newscgp.com/ 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.pixel.newscgp.com/i?stm=1589521612829&e=pv&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&page=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&tv=js-2.9.0&tna=_ncg__0&aid=newsconnect-global&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=72791337-641a-4a2c-9a0b-66db7ccc707a&dtm=1589521610363&vp=1600x1200&ds=1585x5806&vid=1&sid=5e1a2ba2-9527-4054-9010-b5a5d8f12560&duid=3f485834-c1d1-4c4e-897d-e51afe743113&fp=9633379&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfaWQiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfcHJvdmlkZXIiOiIiLCJicm93c2VyX2RtcF9pZCI6IiIsImJyb3dzZXJfZG1wX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hZHNfcHBpZCI6IiIsImJyb3dzZXJfYWRzX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hbmFseXRpY3NfaWQiOiIiLCJicm93c2VyX2FuYWx5dGljc19wcm92aWRlciI6IiIsImJyb3dzZXJfbmNnX2lkIjoiIn19XX0
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.85.246.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-246-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:52 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
get
cdn.krxd.net/userdata/ Frame BC0B 		224 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.852340,VS0,VE84
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 4
get
cdn.krxd.net/userdata/ Frame D862 		224 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.886729,VS0,VE49
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 4
publishertag.prebid.js
static.criteo.net/js/ld/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 08:37:42 GMT
server
nginx
etag
W/"5ea153d6-10c8e"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 16 May 2020 05:46:52 GMT
get
cdn.krxd.net/userdata/ Frame 6117 		224 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.905418,VS0,VE31
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 4
get
cdn.krxd.net/userdata/ Frame 16E7 		224 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.911381,VS0,VE25
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 4
rules-p-EPUV3QqrKdxQu.js
rules.quantcount.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-EPUV3QqrKdxQu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f75e0144333cf413c5e1b7968a9d5cef6e90534a03927c55319aa25798f7cae

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:32:57 GMT
content-encoding
gzip
last-modified
Mon, 30 Sep 2019 22:04:40 GMT
server
AmazonS3
age
835
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
ZquHAlG5xjkJVFWw4-kFgkzvYc_KsoS29WTHxTR0nXe2-EQZEl6hHw==
via
1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront)
get
cdn.krxd.net/userdata/ Frame A878 		224 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:53 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.012363,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 5
get
cdn.krxd.net/userdata/ Frame 7033 		224 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:53 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
status
200
x-age
0
content-length
179
x-served-by
userdata-a005-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.018319,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 6
identity.js
connect.facebook.net/signals/plugins/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.18
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10701
x-xss-protection
0
pragma
public
x-fb-debug
o2bX7/jKdiKJQ53DDY+2H+1MIg8BVbg4R88u2i2GLvqV+4xyj5Ao6jdsR+kZ/dfyaMFsEXZaUCuxQw+cXPpjCQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 05:46:53 GMT, Fri, 15 May 2020 05:46:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
905617079525218
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/905617079525218?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e26803c74f1f585593385a30d333661dbfa0e62102e965c44963b94900e5cf95
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131821
x-xss-protection
0
pragma
public
x-fb-debug
eV/lbav2PY8mRF0JLdAY2oXFm2KsHqaJ+tyyfUQH3PyP8MMApNU5rNNBxuSb4GsEeOWtaHNYqin6mxKt2veDTQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 05:46:53 GMT, Fri, 15 May 2020 05:46:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
get
cdn.krxd.net/userdata/ Frame 8277 		181 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=004480f6-3846-481a-abb4-46a3293402ae&callback=kx_partner_segments
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-0d4dfcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7017f392691b21df1e66f067e488d5ae131eebc249a8e31da7460ffa641ac059

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 May 2020 05:46:53 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
status
200
x-age
0
content-length
155
x-served-by
userdata-a016-ash-prod.krxd.net, cache-fra19183-FRA
x-timer
S1589521613.156747,VS0,VE95
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
0, 0
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=f04386db55b0cddbf2ecf3c67e41fc66_770_1589521612371&tm=4276&eT=0&widgetWidth=618&widgetHeight=226&widgetX=334&widgetY=3831&wRV=1070208&pVis=1&lsd=2387a944-6662-4660-9543-6ed724ba4638&eIdx=&cnsnt=no_consent&ccpa=1---&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:54 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
28a2449d511627ef9cdb8f8884677de4
Content-Length
30
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=3f851a9fb1af0c3917708108c5a1eb10_770_1589521612402&tm=4301&eT=0&widgetWidth=618&widgetHeight=249&widgetX=334&widgetY=4087&wRV=1070208&pVis=0&lsd=791c9a3f-afd5-4dd5-b40a-4125c8065ff5&eIdx=&cnsnt=no_consent&ccpa=1---&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:57 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
4e661a0085e219ad999e09e209231b66
Content-Length
30
eyJpdSI6IjgzYjg2OTYxMTQyMmUwOTczMjg1MGU2MGY2ZTFlNDJlNmY3NGJlNjU3ZjA2NzBjYjRjZGZlMzM0OTU1MDhlYzciLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzYjg2OTYxMTQyMmUwOTczMjg1MGU2MGY2ZTFlNDJlNmY3NGJlNjU3ZjA2NzBjYjRjZGZlMzM0OTU1MDhlYzciLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0505810f3d03dfc1b69826e3062d093e1b11fa2ac2cd28ddee2b9c617077eabd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 27 Apr 2020 07:04:31 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2086109
Connection
keep-alive
X-TraceId
9c32c17ea35570c4697dfcfff37d346b
Timing-Allow-Origin
*
Content-Length
90507
eyJpdSI6IjE5NWEyNGZhYmI4ODMxYmY3YjdjYzU3ZDdhM2U3ZDIyMThmMjQzNzU3ZWVhMzFhN2VhZTk3YjkzMjFmYjZhMzQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5NWEyNGZhYmI4ODMxYmY3YjdjYzU3ZDdhM2U3ZDIyMThmMjQzNzU3ZWVhMzFhN2VhZTk3YjkzMjFmYjZhMzQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2debdd0536ddaa8ed6ca6330f82b73e22245c615cc98c6ae35fb4a0c8613feba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 07:08:26 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2458604
Connection
keep-alive
X-TraceId
b255ea108d2835e3b7c09ee3d64c22a0
Timing-Allow-Origin
*
Content-Length
21296
eyJpdSI6IjFmZjk4NGJiMTc1Yjk0OTk5Y2E0MzkzNGRhNmYxNzAwYmMzMWEyOGZhZWI4OWY2YmViNGVhMmU2YjY4NGIwNzQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFmZjk4NGJiMTc1Yjk0OTk5Y2E0MzkzNGRhNmYxNzAwYmMzMWEyOGZhZWI4OWY2YmViNGVhMmU2YjY4NGIwNzQiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12d975b5d788e1b616ffea4779f1bc0e3eca61da3627a30991b8535338df619b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2020 11:20:34 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2462400
Connection
keep-alive
X-TraceId
44d98db4d311f1b8ab2529b33f94fa5f
Timing-Allow-Origin
*
Content-Length
26549
eyJpdSI6ImE4NDI3MTExZjZhMDViMTc1NDQyYmMxMDc3YTJlMjU1MzBkY2QwZmViODdjZjI2ZTlkZDhiYWY0NTEyODY4MjYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE4NDI3MTExZjZhMDViMTc1NDQyYmMxMDc3YTJlMjU1MzBkY2QwZmViODdjZjI2ZTlkZDhiYWY0NTEyODY4MjYiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18e03d688538ddd8d4c48d29154e5710686b9269eb6896238ddb34865fcc53a1

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:46:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 May 2020 17:24:57 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2250351
Connection
keep-alive
X-TraceId
f1794f2d87d81c8e1333d3662db9ebd0
Timing-Allow-Origin
*
Content-Length
41054
eyJpdSI6IjBjZjljNDA1M2FiOTUyYmFlYzlmNTRmMDM0ZDZkOTc5MmZjYjgyZjc1NjczMmY0N2JlODNiZGU0MDhkNjI5MjYiLCJ3Ijo1MCwiaCI6NTAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
images.outbrainimg.com/transform/v3/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZjljNDA1M2FiOTUyYmFlYzlmNTRmMDM0ZDZkOTc5MmZjYjgyZjc1NjczMmY0N2JlODNiZGU0MDhkNjI5MjYiLCJ3Ijo1MCwiaCI6NTAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75d2146ad1c333fa5a7377f3a8d84159d1bfebb28c73244c9cd8ab07aa6bbc6b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sat, 02 May 2020 23:33:29 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=1950858
Connection
keep-alive
X-TraceId
605abb59fc090d70d7fd6219cca4cf9c
Timing-Allow-Origin
*
Content-Length
1449
eyJpdSI6ImNmZTgzNjg5NzVmNjI3MzljMzM2ZmNlNzNiODIwNTkxMzRhMDMyNWUwNDJlYjEzZjA1MmY3NWFkZjU5ZjcxOTEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNmZTgzNjg5NzVmNjI3MzljMzM2ZmNlNzNiODIwNTkxMzRhMDMyNWUwNDJlYjEzZjA1MmY3NWFkZjU5ZjcxOTEiLCJ3Ijo0NTAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.70.82 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1878725fd75b43782558fe84d330e7dadfabac01c69db290d6dd241bffb6416
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 18:14:40 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2455208
Connection
keep-alive
X-TraceId
a672dd6f691fae74952b493c43172504
Timing-Allow-Origin
*
Content-Length
81082
publishertag.prebid.js
static.criteo.net/js/ld/ 		67 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:53 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 08:37:42 GMT
server
nginx
etag
W/"5ea153d6-10c8e"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 16 May 2020 05:46:53 GMT
error
quantcount.com/log/ 		0
0
/
www.facebook.com/tr/ 		44 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=905617079525218&ev=KWCEPV&dl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rl=&if=false&ts=1589521613447&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589521613445.65298504&it=1589521613062&coo=false&tm=2&rqm=GET
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:53 GMT, Fri, 15 May 2020 05:46:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 05:46:53 GMT
/
www.facebook.com/tr/ 		44 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=905617079525218&ev=PageView&dl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rl=&if=false&ts=1589521613459&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589521613445.65298504&it=1589521613062&coo=false&tm=1&rqm=GET
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:53 GMT, Fri, 15 May 2020 05:46:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 05:46:53 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 55C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sat, 15 May 2021 05:46:53 GMT
Date
Fri, 15 May 2020 05:46:53 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 84EF
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.186.1 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a45da625-e45d-0a60-12da-18313133b2f8|1589521613
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=a45da625-e45d-0a60-12da-18313133b2f8|1589521613; Version=1; Expires=Sat, 15-May-2021 05:46:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1589521613|mOgikimWiygu; Version=1; Expires=Sat, 30-May-2020 05:46:53 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.186.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 15 May 2020 05:46:53 GMT
content-type
text/html
content-length
375
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=a45da625-e45d-0a60-12da-18313133b2f8|1589521613; Version=1; Expires=Sat, 15-May-2021 05:46:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.186.1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2112ce67-3a65-4859-9c29-22ccf4085825&gdpr=1&us_privacy=1---
date
Fri, 15 May 2020 05:46:53 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame F16D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 13 May 2020 23:08:00 GMT
Content-Encoding
gzip
Content-Length
9160
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=72887
Expires
Sat, 16 May 2020 02:01:41 GMT
Date
Fri, 15 May 2020 05:46:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
current
aol-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A78c7a046-966f-11ea-9f37-12244f280cb6&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 15 May 2020 05:46:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
pixel.advertising.com/ups/55965/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7TW6nuozu5_1MunK4WD1nuBnu8L1Yb3C7WIHS3E8
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7TW6nuozu5_1MunK4WD1nuBnu8L1Yb3C7WIHS3E8
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.98.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 15 May 2020 05:46:53 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:53 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7TW6nuozu5_1MunK4WD1nuBnu8L1Yb3C7WIHS3E8
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 04 Aug 1978 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.123.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-123-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70
sync
pixel.advertising.com/ups/56465/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.98.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 15 May 2020 05:46:53 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
www.facebook.com/tr/ 		0
50 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarykg6VTvbsIa6s8zWA

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 15 May 2020 05:46:53 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://pagesix.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
Cookie set a-01qt
i.liadm.com/s/c/ Frame 8A3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=a-01qt--47b30650-e36e-4106-8d73-d791a5c4905f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.248.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-248-37.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lidid=f2b0f676-7fcf-4404-a97e-4ebbb29004fa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 May 2020 05:46:54 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhDLDDIFCAoQywwyBQh6EMoMMgYIiwEQywwyBQgLEMsMMgUICxDLDDIFCHkQygw; Max-Age=2592000; Expires=Sun, 14 Jun 2020 05:46:54 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Length
642
Connection
keep-alive
constrain
www.clicktripz.com/api/integrations/v1/ 		526 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/api/integrations/v1/constrain?publisherAlias=nypost&u=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F
Requested by
Host: static.clicktripz.com
URL: https://static.clicktripz.com/r/ucb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
f0f80720e6b56fd78687a577ad3ab906910d1853f83544a8f474a91952d3e0a8

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:55 GMT
content-encoding
br
server
openresty/1.13.6.2
status
200
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pagesix.com
x-kong-upstream-latency
101
cache-control
private
access-control-allow-credentials
true
via
kong/2.0.3
expires
Thu, 19 Nov 1981 08:52:00 GMT
nypost
www.clicktripz.com/n2/c/v0/a/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/n2/c/v0/a/nypost
Requested by
Host: static.clicktripz.com
URL: https://static.clicktripz.com/r/ucb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
3d39593bbb8478e0110a88fd5aee608f2d30d82fa0dc13e28b1cdfc2becf18da

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 May 2020 05:46:55 GMT
content-encoding
gzip
status
200
x-powered-by
Express
etag
W/"86b-0fzeC3qE1LtVtxm/Hoh/3+AfNco"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pagesix.com
x-kong-upstream-latency
3
access-control-allow-credentials
true
x-kong-proxy-latency
1
access-control-allow-headers
Accept, Content-Type, Cookie, Authorization
via
kong/2.0.2
lookuplist
us.audience.newscgp.com/ 		123 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us.audience.newscgp.com/lookuplist?type=domain&site=pagesix.com&value=3f485834-c1d1-4c4e-897d-e51afe743113&&bust=15895216153900.5935156738028495&errors-in-body=1
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-25.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
736e89d00ae0f422bc6360fe3f3001408104ffb1e09b4833731a835ab4e38cab

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:55 GMT
via
1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HAM50-C1
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://pagesix.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
123
x-amz-cf-id
rfgd2ilkNlH15rnbkHTkTR4OOcPIo6KvO_gKk8x_Xh8NxFLqkWHOeQ==
logs
www.clicktripz.com/ 		2 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/logs
Requested by
Host: static.clicktripz.com
URL: https://static.clicktripz.com/r/ucb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 15 May 2020 05:46:56 GMT
via
kong/2.0.2
server
Cowboy
x-kong-proxy-latency
198
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kong-upstream-latency
58
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
2o7hqv8d60ocqipfm802vis6
cs.js
sn1.clicktripz.com/cs/v0/059d731/20-05-11-22-07-39/20-05-11-22-14-09/ 		845 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sn1.clicktripz.com/cs/v0/059d731/20-05-11-22-07-39/20-05-11-22-14-09/cs.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-80.ham50.r.cloudfront.net
Software
/
Resource Hash
b107ca0bed9d9b3e57732bfaa1b205294b0b7bee38f3d248670155e06cb5c822

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 22:40:17 GMT
content-encoding
br
age
284789
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
etag
4919a2393957541133fbcd9d53dcc33859c1a647
vary
Origin,Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-cf-pop
HAM50-C1
access-control-allow-headers
Accept, Content-Type
x-amz-cf-id
QPQ-tIUvbAQIYU18FtRzZNxr1_siZxkatX3mPjAXUsVi69Vmer9YSQ==
expires
Wed, 10 Jun 2020 22:40:21 GMT
ct.core@a5daff3274cedc7e958c76a1ab685f4632d67243.js
sn1.clicktripz.com/cs/v0/r/dependencies/ 		170 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sn1.clicktripz.com/cs/v0/r/dependencies/ct.core@a5daff3274cedc7e958c76a1ab685f4632d67243.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-80.ham50.r.cloudfront.net
Software
/
Resource Hash
09fbdea26b0bdb325ad6f030209e55440435ef71fdb73b79f0c03df40112d8df

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 16:48:04 GMT
content-encoding
br
age
737931
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
etag
621c149c5958d2d05a70422e4b75b21e01646f5b
vary
Origin,Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-cf-pop
HAM50-C1
access-control-allow-headers
Accept, Content-Type
x-amz-cf-id
yUsWQJiJNNS1xKSSDwHATEaS6X3Fs19QHnaS8s0VolAGujD_Smw1aw==
expires
Fri, 05 Jun 2020 16:48:04 GMT
logs
www.clicktripz.com/ 		2 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/logs
Requested by
Host: sn1.clicktripz.com
URL: https://sn1.clicktripz.com/cs/v0/059d731/20-05-11-22-07-39/20-05-11-22-14-09/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 15 May 2020 05:46:56 GMT
via
kong/2.0.2
server
Cowboy
x-kong-proxy-latency
1
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kong-upstream-latency
4
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
2o7hqv8p0au6qrsm7gdh7li1
create_context.php
www.clicktripz.com/integrations/api/vendor/nypost/ 		168 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/integrations/api/vendor/nypost/create_context.php
Requested by
Host: sn1.clicktripz.com
URL: https://sn1.clicktripz.com/cs/v0/059d731/20-05-11-22-07-39/20-05-11-22-14-09/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
83fe72ac836eb13d8d1e690af484cd01b5720ee9551d282e11635af24638423e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 15 May 2020 05:46:56 GMT
content-encoding
br
access-control-allow-origin
https://pagesix.com
x-kong-proxy-latency
1
status
200
x-kong-upstream-latency
15
pragma
no-cache
server
openresty/1.13.6.2
vary
Accept-Encoding
access-control-allow-methods
Content-Type, GET, POST, OPTIONS
content-type
application/json
via
kong/2.0.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Methods, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
pas
www.clicktripz.com/x/ 		826 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/x/pas?ctzpid=d4902dca-2111-4d66-bbc9-e8708d222ef0&alias=nypost&placementId=2949-0&siteId=nypost&obj=exit_unit&ref=useAdServer%7C%7Ctrue%3A%3A%3AusingRuntimeExperiments%7C%7Cfalse%3A%3A%3A_sdkStreamName%7C%7Clive_general%3A%3A%3Aplugin-opt%7C%7C0%3A%3A%3Actcoretag%7C%7Ca5daff3%3A%3A%3Ahttps%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&optMaxChecked=2&optMaxAdvertisers=7&optRotationStrategy=1&optPopUnder=1&optLocalization=en&audiences=%7B%22typeOne%22%3A%5B%5D%2C%22typeTwo%22%3A%5B%5D%7D&tabbedMode=1&userForcedTabbedMode=1&callback=jsonp_callback_1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
9c5b0b8078712ce85d06fd336ea350a180adc7f749a19948dbf8c2748569e189

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:46:56 GMT
content-encoding
br
server
openresty/1.13.6.2
status
200
x-kong-proxy-latency
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
121
cache-control
private
access-control-allow-credentials
true
via
kong/2.0.3
expires
Thu, 19 Nov 1981 08:52:00 GMT
optout_check
beacon.krxd.net/ 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns._default.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.141.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-141-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
95e1915afb7cac6226532119114b4c1c4d7df35078ef5e2d142fd3e642aadc10

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 05:46:56 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=44 t=1589521616
content-type
text/javascript
x-served-by
beacon-n016-dub-prod.krxd.net
logs
www.clicktripz.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/logs
Requested by
Host: sn1.clicktripz.com
URL: https://sn1.clicktripz.com/cs/v0/059d731/20-05-11-22-07-39/20-05-11-22-14-09/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 15 May 2020 05:46:56 GMT
via
kong/2.0.2
server
Cowboy
x-kong-proxy-latency
0
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kong-upstream-latency
21
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
2o7hqv9rnu8fsc9um8qa1nq1
record_session_hotel_city.php
www.clicktripz.com/publisher/sessions/ 		0
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clicktripz.com/publisher/sessions/record_session_hotel_city.php?audiences=%7B%22typeOne%22%3A%5B%5D%2C%22typeTwo%22%3A%5B%5D%7D&publisherID=2949&alias=nypost&siteName=null&pageType=Remarketing&sessionVertical=Non-travel&pageviewUUID=5dc8d40f-e0c7-4d1c-8f88-2d2a64420595&ctzpid=d4902dca-2111-4d66-bbc9-e8708d222ef0&referralURL=audiences%7C%7C%7B%22typeOne%22%3A%5B%5D%2C%22typeTwo%22%3A%5B%5D%7D%3A%3A%3AuseAdServer%7C%7Ctrue%3A%3A%3AusingRuntimeExperiments%7C%7Cfalse%3A%3A%3A_sdkStreamName%7C%7Clive_general%3A%3A%3Aplugin-opt%7C%7C0%3A%3A%3Actcoretag%7C%7Ca5daff3%3A%3A%3Ahttps%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&callback=_ctz_callback_jsonp_17af4dbd2d754c3092a1bd4936736844
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:57 GMT
content-encoding
br
access-control-allow-origin
x-kong-proxy-latency
1
status
200
x-kong-upstream-latency
32
pragma
no-cache
server
openresty/1.13.6.2
vary
Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
via
kong/2.0.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
pixel.php
www.clicktripz.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clicktripz.com/pixel.php?&publisherID=2949&firstDraw=true&pageType=Remarketing&sessionVertical=Non-travel&campaigns=&referralURL=useAdServer%7C%7Ctrue%3A%3A%3AusingRuntimeExperiments%7C%7Cfalse%3A%3A%3A_sdkStreamName%7C%7Clive_general%3A%3A%3Aplugin-opt%7C%7C0%3A%3A%3Actcoretag%7C%7Ca5daff3%3A%3A%3Ahttps%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&t=1589521616911&r=0.8677834810803178&pageview_uuid=null&alias=nypost&siteName=null&ctzpid=d4902dca-2111-4d66-bbc9-e8708d222ef0&usingRuntimeExperiments=false
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:46:57 GMT
via
kong/2.0.3
server
openresty/1.13.6.2
x-kong-proxy-latency
0
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
x-kong-upstream-latency
13
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, THIN_UI_CSRF_TOKEN
content-length
43
widget
tag.pprl.io/v2/ 		185 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.pprl.io/v2/widget?tag=newsus&bud=4cc2f1d4-9140-4581-9357-ae15360eb566&pid=61937514-b6ed-4970-9ca8-44b642cdc532&ver=2.4.7&prl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rul=&ifm=false&uag=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&ptl=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&tzi=2&wvs=1&wip=1&wes=&callback=__jp0
Requested by
Host: cdn.pprl.io
URL: https://cdn.pprl.io/js/newsus.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.92.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-92-60.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6aa96e0240875edec8a4590c396e92b2f76694653b1a9e525056624d5fdbb4f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
ETag
W/"b9-mud1l/CSxm451RqAlgcxhyKV4sU"
P3P
CP="Pureprofile does not have a P3P policy."
Cache-Control
no-cache
X-Server
event-collector (v2)
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
168
Expires
Thu, 01 Dec 1994 16:00:00 GMT
surveyData
tag.pprl.io/collect/ 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.pprl.io/collect/surveyData?tag=newsus&bud=4cc2f1d4-9140-4581-9357-ae15360eb566&pid=61937514-b6ed-4970-9ca8-44b642cdc532&ver=2.4.7&svt=impression&prl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rul=&ifm=false&uag=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&ptl=REvil%2C%20law%20firm%20hackers%2C%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&tzi=2
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.92.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-92-60.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 05:46:58 GMT
Server
nginx/1.16.1
P3P
CP="Pureprofile does not have a P3P policy."
Cache-Control
no-cache
X-Server
event-collector (v2)
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Dec 1994 16:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=4&f_privb=0&tid=cc3618c9-131b-427f-99b8-8fcc1d373397&pid=acfcefb8-de5e-4b99-af51-0e4785b1151f&dtm=1589521620505&qnm=_matherq&visible=1&tabid=ebd44ca1-f3aa-46e5-bdf9-fbc7938a6a69&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&vp=1600x1200&ds=1585x6523&tofa=1589521621&vid=1&duid=f89f5294cd585145&fp=9633379&cid=ma50638&mrk=961919700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU4OTUyMTYwNzY1NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI1MS4xNzYyMDJtYiIsImhlYXBUIjoiNjQuMjE5MjE0bWIiLCJmc3RQYWludCI6Ijc0MiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIxIiwiY29ublMiOiIxIiwiY29ubkUiOiI0OSIsInNzbFMiOiIxNSIsInJlcXVTIjoiNDkiLCJyZXNwUyI6IjIxMyIsInJlc3BFIjoiNDg3IiwiZG9tTG9hZCI6IjIxNiIsImRvbUludGVyIjoiMTYyMCIsImRvbUxvYWRTIjoiMTgxNyIsImRvbUxvYWRFIjoiMTg1MiJ9fQ
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.139.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-139-223.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:47:00 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
srv-2020-05-15-05.pixel.parsely.com/event/ 		43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2020-05-15-05.pixel.parsely.com/event/?rand=1589521620644&plid=95293164&idsite=nypost.com&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&sref=&sts=1589521620644&slts=0&date=Fri+May+15+2020+07%3A47%3A00+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=5&tt=4901&pvid=1693505&u=pid%3De969603eb14f6e3fbaecfd89fa115a7b
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.232.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-232-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:47:00 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
43
Content-Type
image/gif
blank.gif
stats3.unrulymedia.com/ Frame 622C 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=no_matching_placement&placementId=inArticle&placementName=pagesix.com%20-%20%20-%20MOBILE&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=incorrect%20number%20of%20matches%20for%20html%3Ahas(.mobile-share%3Avisible)%20body%5Bdata-unruly-publisher-marker__inArticle%5D%20.entry-content%20%3E%20p%3Aeq(2)&app=native&pid=622642&isMobile=false&pageLoadId=887726976&unr.site.env=html&ts=2020-05-15T05%253A47%253A04.046-%252B02%253A00&firstPaint=1589521608396&perf_consent_start=1589521609772&perf_corejs_start=1589521608865&perf_corejs_end=1589521609773&perf_skin_start=1589521609774&perf_skin_end=1589521609965&id=921269371&d=1589521624047&h=v1.0.1653-0-g38b0fdf
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.249.205.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-205-129.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:47:04 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-075.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
blank.gif
stats3.unrulymedia.com/ Frame 622C 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=zero_matching_placements&message=All%20placements%20failed&app=native&pid=622642&supplyMode=direct&isMobile=false&pageLoadId=887726976&unr.site.env=html&ts=2020-05-15T05%253A47%253A04.088-%252B02%253A00&firstPaint=1589521608396&perf_consent_start=1589521609772&perf_corejs_start=1589521608865&perf_corejs_end=1589521609773&perf_skin_start=1589521609774&perf_skin_end=1589521609965&id=921269371&d=1589521624089&h=v1.0.1653-0-g38b0fdf
Requested by
Host: pagesix.com
URL: https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.249.205.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-205-129.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:47:04 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-075.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
cs.js
sb.scorecardresearch.com/c2/6390601/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/6390601/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 05:47:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Mon, 18 May 2020 05:47:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8a688e52513d52bd6f1d49e7f2eb411ab7d0a82401e179b4538f1187a7553f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 May 2020 05:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5484
x-xss-protection
0
init1.js
api.bounceexchange.com/bounce/ 		36 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?tojQ=function&cts=1589521625930&tzo=-120&website_id=2130&resolution=1600x1200&referrer=&calling_url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&visit_cookie=%7B%22lp%22%3A%22https%253A%252F%252Fpagesix.com%252F2020%252F05%252F14%252Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%252F%22%2C%22r%22%3A%22%22%7D&cookie=%7B%22v%22%3A%7B%22pbb_response%22%3Afalse%7D%7D&vars[dfp_rblock]=sponsor&vars[pbb_response]=false&vars[section_name]=false&vars[category_page]=false&vars[article_page]=true&vdef[pbb_response]=false&cookie_too_large=false&bp=0&etp=[%22article%22,%22category%22]&pts=article&compliance_flag=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.229.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
34.229.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:47:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
content-type
text/html; charset=UTF-8
alt-svc
clear
via
1.1 google
/
mydmp.exelator.com/load/
Redirect Chain
  • https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-One...
  • https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-One...
211 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-OnetrustActiveGroups=%2C%2C&0-gtm.uniqueEventId=0&1-event=OptanonLoaded&1-OptanonActiveGroups=%2C%2C&1-gtm.uniqueEventId=1&2-pagename=%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&2-page_type=article&2-byline=Emily%20Smith&2-tags=donald%20trump%2Chackers%2Clawyers&2-section=page-six&2-article_title=Law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&2-publish_date=2020%2F05%2F14&2-date=2020-05-14T20%3A43%3A09-04%3A00&2-publish_time=20%3A43%3A09&2-article_update_date_time=2020-05-14T22%3A22%3A52-04%3A00&2-post_id=5254311&2-primary_tag=hackers&2-word_count=731&2-article_type=column&2-stat_tag=enable&3-event=OneTrustLoaded&3-OnetrustActiveGroups=%2CC0012%2CC0013%2CC0017%2C&3-gtm.uniqueEventId=2&4-event=OptanonLoaded&4-OptanonActiveGroups=%2CC0012%2CC0013%2CC0017%2C&4-gtm.uniqueEventId=3&5-gtm.start=1589521609233&5-event=gtm.js&5-gtm.uniqueEventId=4&6-event=gtm.dom&6-gtm.uniqueEventId=6&push=function()%7Bvar%20d%3Bif(0%3Cld.SANDBOXED_JS_SEMAPHORE)%7Bd%3D%5B%5D%3Bfor(var%20e%3D0%3Be%3Carguments.length%3Be%2B%2B)d%5Be%5D%3Dnew%20Qj(arguments%5Be%5D)%7Delse%20d%3D%5B%5D.slice.call(arguments%2C0)%3Bvar%20f%3Dc.apply(a%2Cd)%3BRj.push.apply(Rj%2Cd)%3Bif(300%3C%0Athis.length)for(J(%22GTM%22%2C4)%3B300%3Cthis.length%3B)this.shift()%3Bvar%20h%3D%22boolean%22!%3D%3Dtypeof%20f%7C%7Cf%3Breturn%20Xj()%26%26h%7D&isTrusted=true&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
c99559c3ac45efd861fddf27e0d7353fcf7c7e098760cf237f628612c72a3281

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:47:06 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
status
200
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin
https://pagesix.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=UTF-8

Redirect headers

date
Fri, 15 May 2020 05:47:05 GMT
server
nginx/1.14.0
status
302
x-powered-by
Undertow/1
location
https://mydmp.exelator.com/load/?p=1365&g=2&j=d&url=https%3A%2F%2Fpagesix.com%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&rurl=&0-event=OneTrustLoaded&0-OnetrustActiveGroups=%2C%2C&0-gtm.uniqueEventId=0&1-event=OptanonLoaded&1-OptanonActiveGroups=%2C%2C&1-gtm.uniqueEventId=1&2-pagename=%2F2020%2F05%2F14%2Fla-law-firm-hackers-double-ransom-demand-threaten-donald-trump%2F&2-page_type=article&2-byline=Emily%20Smith&2-tags=donald%20trump%2Chackers%2Clawyers&2-section=page-six&2-article_title=Law%20firm%20hackers%20double%20ransom%20demand%2C%20threaten%20Donald%20Trump&2-publish_date=2020%2F05%2F14&2-date=2020-05-14T20%3A43%3A09-04%3A00&2-publish_time=20%3A43%3A09&2-article_update_date_time=2020-05-14T22%3A22%3A52-04%3A00&2-post_id=5254311&2-primary_tag=hackers&2-word_count=731&2-article_type=column&2-stat_tag=enable&3-event=OneTrustLoaded&3-OnetrustActiveGroups=%2CC0012%2CC0013%2CC0017%2C&3-gtm.uniqueEventId=2&4-event=OptanonLoaded&4-OptanonActiveGroups=%2CC0012%2CC0013%2CC0017%2C&4-gtm.uniqueEventId=3&5-gtm.start=1589521609233&5-event=gtm.js&5-gtm.uniqueEventId=4&6-event=gtm.dom&6-gtm.uniqueEventId=6&push=function()%7Bvar%20d%3Bif(0%3Cld.SANDBOXED_JS_SEMAPHORE)%7Bd%3D%5B%5D%3Bfor(var%20e%3D0%3Be%3Carguments.length%3Be%2B%2B)d%5Be%5D%3Dnew%20Qj(arguments%5Be%5D)%7Delse%20d%3D%5B%5D.slice.call(arguments%2C0)%3Bvar%20f%3Dc.apply(a%2Cd)%3BRj.push.apply(Rj%2Cd)%3Bif(300%3C%0Athis.length)for(J(%22GTM%22%2C4)%3B300%3Cthis.length%3B)this.shift()%3Bvar%20h%3D%22boolean%22!%3D%3Dtypeof%20f%7C%7Cf%3Breturn%20Xj()%26%26h%7D&isTrusted=true&xl8blockcheck=1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin
https://pagesix.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
lulu-lemon.png
thenypost.files.wordpress.com/2020/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenypost.files.wordpress.com/2020/04/lulu-lemon.png?w=90&h=60&crop=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f31678374396d27ff2a1ccd5e9264f71af8ea6cadba1db2cb65959db9c8b486d

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Fri, 15 May 2020 05:47:06 GMT
last-modified
Fri, 01 May 2020 19:44:23 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
7164
expires
Sun, 07 Jun 2020 00:25:57 GMT
santizie.png
thenypost.files.wordpress.com/2020/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenypost.files.wordpress.com/2020/05/santizie.png?w=90&h=60&crop=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
131d52b03a30c9f56a0daeace7bd1b9c2942c4dd8337bc85cfc84d58cc24c71e

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Fri, 15 May 2020 05:47:06 GMT
last-modified
Thu, 14 May 2020 14:41:56 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
4592
expires
Mon, 22 Jun 2020 21:25:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Fri, 15 May 2020 05:47:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 699B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 15 May 2020 00:32:52 GMT
expires
Sat, 15 May 2021 00:32:52 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18853
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
load77.exelator.com/ 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-46.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 05:47:06 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-edge-ip
195.181.175.44
x-age
498295
accept-ranges
bytes
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=4179979878822909&bg=!KSqlKjJYsD_GoJfaJLcCAAAATFIAAAAOmQFzdbiozI4BSSuTUi4lFx-xrL_F_xQ07pO7lhD-gkc1VtdO5kgS27OVfVuhZLCc2s1LLnRv1NNWYQMdXSwA8GvngDpkYxh6wHeKla8BaYDp4vmiPuS5UkK95IdvzFD3iOjerPfNXZoHzc8-qALcL4sBMyH8ReF3esCYBF0WMICi7oImFd-6K92HCvJm3SWfeH2yYnNHuwcVWeRhnYNlbdonfAz3oZSEePdoySRB1DcpXytyGc6GimmVqWxAlTsuw8SHNS55h6kqPHwrlSpBRdRun9wNfnzTuHo3CgPxY1QndIQGFEGxznCRhqraLfYoObkTKoT9ChykbneN6pktzkbKespEEnmxtifRFg7VlqUfqZ-su2sw9fQ3EIZDqV4ySZazVAXGr-Z_cec1h0cT695BIdcd0OQpd8nMwoFxehmGh9LHDBLUJTKSdE4B5fuWqrsCwxEAIZ-Vnx2ghHzDjBkdnD8nGbTJ0pXhI1BFkRAyiJF9eZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 05:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
mid.rkdms.com
URL
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=NEWSCORP
Domain
quantcount.com
URL
https://quantcount.com/log/error?msg=%5BUSPAPI%5D%20unsuccessful:%20%5Bobject%20Object%5D

Verdicts & Comments Add Verdict or Comment

376 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper string| GoogleAnalyticsObject function| ga object| optimizely number| fcp object| observerFCP object| observerFID number| lcp object| observerLCP function| handleLCPVisibility function| handleAbandonmentVisibility object| apstag function| loadCSS object| lazySizesConfig object| lazySizes object| google_tag_data object| gaplugins function| __cmp function| __tcfapi function| receiveOTMessage object| otStubData function| jsonFeed undefined| msViewportStyle object| mvp number| slideshowVideo string| nypost_screen number| nypost_width object| gaGlobal object| gaData function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed boolean| apstagLOADED object| Typekit undefined| _ object| UA function| addLoadEvent object| nypScripts object| _wpemojiSettings object| wpcom_mobile_user_agent_info function| Krux function| getCookie object| newsId object| googletag object| locdata object| aJC9ha function| aJC9hb object| xop function| 2pkv9xhkcg0 boolean| vjk7ey1xlog object| 69h0d6c17uo string| nypost_dfp_screen object| dfp_ad_slots_desktop object| dfp_ad_slots_mobile object| apstagSlots boolean| have_ad_slots object| definedSlots object| unruly object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| Optanon object| OneTrust object| adWrapper string| ob_id object| OB_element object| OB_elements function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI number| __unrulyPageLoadId object| __otccpaooLocation object| twemoji object| wp function| FlipboardWidgets object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| dlJREa function| dlJREb function| xblocker object| DtK7pa function| DtK7pb function| xblacklist object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| __core-js_shared__ function| setImmediate function| clearImmediate function| UUIDv1 function| clamp object| STR undefined| UUID object| Audit number| google_srt object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google function| maropostInitTracking string| pxSegmentIDs object| nypostGaJs string| dimension21 function| ncgGetCookie object| ncgId string| hasAmazon object| links object| amazonLinks object| nypZephr object| wpcomVipAnalytics object| sharing_js_options undefined| windowOpen function| st_vt object| _tkq object| _stq object| ZERG function| st_go function| ex_go function| re_go function| linktracker_init object| wpcom string| mobileStatsQueryString object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url undefined| $ function| jQuery object| NO_JQUERY function| pm object| pbjs object| prebidLogStorage function| isDebug function| debugMessage function| logMessage function| pbjs_log function| getDomain string| pageDomain object| pb_keywords function| getPageSectionData function| getPageTypeData function| ccpa_opout function| getPrebidPageConfigure number| PREBID_TIMEOUT object| PAGE_LOAD_SETTING object| headertag string| prebidSectionDefault string| prebidDomain string| prebidBrandSafetySegment string| prebidSection function| pbjsChunk function| AppNexusPrebidAnalytics string| prebidDevice object| _pbjsGlobals object| picturefillCFG function| picturefill function| Headroom object| fastdom object| jQuery11240526634940236435 function| pd_callback function| nypostAdRefresh function| applyFocusVisiblePolyfill object| zephr object| __twttrll object| twttr object| __twttr object| regeneratorRuntime undefined| WPCOMSharing object| bouncex function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Criteo function| doAddFallback object| PARSELY object| json8081988 object| google_tag_manager undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| params string| queryString boolean| Moat#EVA object| MoatContent function| reload_campaigns function| setBounceCookie function| getBounceCookie function| getBounceVisitCookie function| setBounceVisitCookie function| clearBounceCookie object| slideControlButtons object| xl8_script object| xl8_config function| fireFBEvent object| products function| kwa object| se object| fs string| ire_o function| impactStat function| parselyStartCallback object| nb object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| _qevents object| LI object| __li__evt_bus object| liQ boolean| msgData undefined| page_name object| _mather object| tp object| _matherq object| tid function| _typeof2 function| __liSync function| snowplowKW function| fbq function| _fbq number| __google_ad_urls_id number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| Moat#G26 object| MoatSuperV26 object| MoatDataJsonpRequest_23896767 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| IRF object| impactMPEventInstance function| ImpactMPEvent function| quantserve function| __qc object| ezt object| _qoptions object| criteo_pubtag function| sendToNielsen function| CT_FORCE_BOOTLOADER_URL function| CT_FORCE_CONSTRAIN_URL function| CTZ_BAC_FORCE_SESSION_CONFIG object| _CTZG object| PINF function| CTI_METRIC function| _cti_backfill_object_create function| _cti_backfill_array_prototype_reduce function| _cti_backfill_function_prototype_bind undefined| module string| _ctzIntegrationVersion string| _ctzSDKVersion object| _CTZS object| _CTZAPI boolean| _ctz_Promise_configured function| ___CTS function| CTI_FORCE_DEBUG function| CTI_FORCE_DYNAMIC_CTZ_OVERRIDE function| CTI_FORCE_DISPLAY_DEBUG_TOOLS function| CTI_FORCE_PLUGIN_STAGE function| CTI_FORCE_SDK_VERBOSE object| _CTZ_CTI_INSTANCES function| CTI_INSPECT object| _ctrt function| CTI_FORCE_INTEGRATION_URL function| CTI_FORCE_PLUGINS function| CTI_FORCE_PLUGIN_SRC function| CTI_FORCE_PLUGIN_LOAD_FROM_IWS function| CTI_FORCE_TARGETING_RESPONSE function| CTI_FORCE_TARGETING_PRODUCT function| CTI_FORCE_PUB_TARGETING_URL function| CTI_FORCE_EXPERIMENT function| CTI_FORCE_FIREWALL_URL function| CTI_FORCE_STAGED_FIREWALL function| CTI_FORCE_CHARSET function| CTI_FORCE_NO_CAPS function| CTI_GATE function| CTI_FORCE_CREATIVES_OVERRIDE function| CTI_FORCE_WINDOW_CTZ_OVERRIDE function| JsMutationObserver function| CTI_FORCE_CTJS_URL function| CTI_FORCE_CLM_BLOCK function| _CTZ_RELOAD boolean| CTI_LOADED function| _ctComps object| _ctPrepopWindows function| _ctPrepop string| _ctcorestagetag function| _ctcorerequire function| CTI_FORCE_ADSERVER object| jsonp_callback_1 function| _ctz_callback_jsonp_17af4dbd2d754c3092a1bd4936736844 object| _ppl_tag function| __jp0 string| bcx_vars object| GoogleGcLKhOms object| xl8image object| google_image_requests

3 Cookies

Domain/Path Name / Value
.krxd.net/ Name: _kuid_
Value: NZ3esnn7
.pagesix.com/ Name: IR_MPS
Value: 1589521612818%7C1589521612818
.pagesix.com/ Name: IR_gbd
Value: pagesix.com

5 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.speedcurve.com/js/lux.js?id=263325431(Line 1)
Message:
SPEEDCURVE LUX ERROR: Account is not active for LUX_ID "263325431".
console-api log URL: https://s0.wp.com/wp-includes/js/jquery/jquery-migrate.min.js?m=1466523978h&ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2(Line 19)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 4)
Message:
ncg:first-view-aapi-ready
console-api log URL: https://secure.quantserve.com/quant.js(Line 2)
Message:
ERROR Fri May 15 2020 07:46:53 GMT+0200 (Central European Summer Time) [USPAPI] unsuccessful: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.nypost.com *.decider.com *.pagesix.com http://www.stumbleupon.com https://www.stumbleupon.com
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66c76e7a351bcebf588a01117b97b87b.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
aol-match.dotomi.com
api.bounceexchange.com
api.rlcdn.com
api.skimlinks.mgr.consensu.org
as-sec.casalemedia.com
assets.bounceexchange.com
aswpsdkus.com
b-code.liadm.com
beacon.krxd.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.exelator.com
cdn.flipboard.com
cdn.keywee.co
cdn.krxd.net
cdn.optimizely.com
cdn.parsely.com
cdn.pprl.io
cdn.speedcurve.com
connect.facebook.net
consumer.krxd.net
d.impactradius-event.com
d1z2jf7jlzjs58.cloudfront.net
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fpn.flipboard.com
fubotv.pxf.io
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
images.outbrainimg.com
imasdk.googleapis.com
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
ithinkthereforeiam.net
js.matheranalytics.com
load77.exelator.com
log.ncaudienceexchange.com
log.outbrainimg.com
logx.optimizely.com
match.adsrvr.org
mcdp-chidc2.outbrain.com
mid.rkdms.com
mv.outbrain.com
mydmp.exelator.com
native.sharethrough.com
nypost-d.openx.net
nyppagesix.files.wordpress.com
odb.outbrain.com
p.skimresources.com
p.typekit.net
pagead2.googlesyndication.com
pagesix.com
pixel.advertising.com
pixel.keywee.co
pixel.quantserve.com
pixel.wp.com
platform.twitter.com
prebid.media.net
quantcount.com
r-login.wordpress.com
r.skimresources.com
rb.adnxs.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.skimresources.com
s0.wp.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
sn1.clicktripz.com
srv-2020-05-15-05.pixel.parsely.com
ssum-sec.casalemedia.com
static.clicktripz.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
stats3.unrulymedia.com
t.skimresources.com
tag.bounceexchange.com
tag.pprl.io
tagan.adlightning.com
tags.barrons.com
tags.bluekai.com
tags.decider.com
tags.knewz.com
tags.mansionglobal.com
tags.marketwatch.com
tags.nypost.com
tags.realtor.com
tags.wsj.com
tcheck.outbrainimg.com
thenypost.files.wordpress.com
tpc.googlesyndication.com
us.audience.newscgp.com
us.pixel.newscgp.com
us.tags.newscgp.com
use.typekit.net
video.unrulymedia.com
widgets.outbrain.com
www.clicktripz.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.ncaudienceexchange.com
www.zergnet.com
z-na.associates-amazon.com
z.moatads.com
zephr.pagesix.com
api.rlcdn.com
mid.rkdms.com
quantcount.com
107.178.250.234
147.75.102.200
151.101.114.133
151.101.114.2
151.101.114.217
151.101.14.133
151.139.128.11
172.217.21.226
172.217.22.98
178.250.0.165
18.209.235.124
192.0.72.2
192.0.72.24
192.0.76.3
192.0.77.32
192.0.78.18
192.0.79.33
195.181.175.46
2.16.31.65
2.18.68.31
2.18.70.82
23.210.249.164
23.210.249.83
23.210.250.213
23.210.250.44
23.37.42.132
23.45.237.36
2600:1f18:730:b150:668b:98d8:e278:ef3b
2600:9000:2016:2e00:e:ec66:e40:93a1
2600:9000:2070:bc00:14:85db:2b40:93a1
2600:9000:2070:c000:6:44e3:f8c0:93a1
2600:9000:2093:ac00:e:5a70:ca47:86e1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::6814:b944
2606:4700:10::6816:47ab
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:817::2001
2a00:1450:4001:81a::2013
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2004
2a00:1450:4001:81e::200a
2a00:1450:4001:821::2001
2a00:1450:4001:821::200e
2a00:1450:4001:825::2008
2a00:1450:400c:c0b::9c
2a01:4a0:1338:28::c38a:ff0b
2a02:2638::3
2a02:26f0:6c00:284::13b8
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:baf1
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.230.92.60
3.85.246.13
34.107.156.205
34.242.103.69
34.246.123.201
34.249.205.129
34.95.120.147
35.155.25.126
35.156.98.228
35.186.249.72
35.190.40.172
35.190.59.101
35.190.91.160
35.201.67.47
35.201.76.231
35.227.208.151
35.227.229.34
35.241.8.149
37.252.167.201
37.252.172.38
50.31.142.63
52.2.255.108
52.213.155.56
52.216.165.93
52.222.176.82
52.222.178.51
52.222.182.25
52.222.182.38
52.222.182.66
52.222.182.80
52.222.190.25
52.222.190.75
52.222.191.194
52.222.191.67
52.72.240.134
52.84.50.149
52.95.118.60
54.174.232.189
54.208.248.37
54.209.139.223
54.230.183.102
54.230.183.127
54.230.183.14
54.230.183.26
54.230.183.57
54.230.183.59
54.230.183.83
54.88.164.102
54.88.21.30
63.32.141.117
69.173.144.141
70.42.32.95
91.228.74.148
91.228.74.232
93.184.220.66
99.84.230.44
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0505810f3d03dfc1b69826e3062d093e1b11fa2ac2cd28ddee2b9c617077eabd
05dccf62396bae47af03e900cf6d5065156311d26b7592f9dfdd6caf6421c899
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09fbdea26b0bdb325ad6f030209e55440435ef71fdb73b79f0c03df40112d8df
09fe5c64711e319e9afeb75935195f6b98e9d2420a4b59305f5277722973baca
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5ffce3c629e745b11f0ac6649cf2dfc24c1720f1a51fd8ba1ca73d356070e1
0ca8c42a5cf4158cbf67d30368ddef2b1fce7ddd9aaee99ca4c9119485889053
0cb974a93b519a855e821da1be4fc5914067122ed3cd54276aea6ecaf2b9a499
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f23e68d600294853f20f49f867d60cbe3258f2fc8a0ffa9c36dd1fc3a32adee
0f7497ade81ade5d92575a13dfb302ee800ee214b1d0d388db27ab0c021276f3
103f6fd015ad3ad3b43f27e90555fdc78b45e629c92e07c18a9fa249e59aeed8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
129b41910f1bca259f0d9152c3518d04a0637c78418e905faa13ba58ef9bea15
12d975b5d788e1b616ffea4779f1bc0e3eca61da3627a30991b8535338df619b
131d52b03a30c9f56a0daeace7bd1b9c2942c4dd8337bc85cfc84d58cc24c71e
1336a1e668fb7d3226d7abb8e2228408e968bbb71f8f386191897d9175fd8d86
1857417dd8069bdb809a63088d95bf7a2e6e3358ec6dadfad7bcdfaa011a9cdb
18e03d688538ddd8d4c48d29154e5710686b9269eb6896238ddb34865fcc53a1
1a38cdf0e2820c6095ac3ced24cf933a4780554a83a8905a0c70e479e4b425a9
1e9fefc7cc8b149d621fa1910f34691cf9a290615580d80c25f17cbde878b236
1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90
209cc3a5acdbafd9256770f9577e2ae35abad8877f495eff5656c680bc60be99
21eecef24071930fe32a70e72af2a611f8fe2f97ab49b997eb720ead5ed7bbe4
22cc4307753b7e5cf1e34ef9530a1b0f7175908d4caec8c8b8a180ba1af1ffdf
236fc4df42ee397ce69f8b4db95eae6521d8698ad4e5c2e78c20b8adf8f3df23
26e24278b0a2a1d7a96bed463adca9e4fc5c807d294d130e434efd7279d56382
291a22604b10b26a12670ed8944ed0a475aebcfab4b87640a9c2678a70a684d6
29d35b22bc467de31d6859aeaa7dec16404beba88d7b6287f8ecac52fd806658
2a250727e0d82e2efbfad0b96c90e07bf45b628f272b30d49c27515753d36b51
2c51436bc3b172d5e952adaa84eadd928fc90de0a7444d758ed11d85e20cd4fc
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ccca8ed8371b97ddb9683e043b84ade1b99f74144a54bbfdd2f2a4e1f062b3c
2d3110aacd3225cfb1e63da2aa29eb1778ad7adc08465055a6e23016460d6d9a
2debdd0536ddaa8ed6ca6330f82b73e22245c615cc98c6ae35fb4a0c8613feba
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6a2affaf03fccbc1ef9cc04c4d6bca37740a73edc1c2cd064728ca5e5f4851
2eca8ba3249ef64a990efba92c9bb26cc4cc1e23857a83c4714033ddce3b51d7
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30a3c47704d7854642eb3330f36fb5003e5d6e3db0a8e6e72394d7ec4be7eb25
318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
369c93dad61cdd247b015fa1f94b93069ebf48327c1a3272729ec2cbcb31caf0
38abe4268828718148217ea158621cbd491f81a5fa3818f9dd62a18d05b638bd
3970aab49c74ed2fb5352c84556a6165defc2a84a63b8a73306e50ca751866e0
3a6a159d0b96f83b9195ee0c180028046b180d048cee4a30619d488df8cb166b
3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923
3c18a16be79b6c4db237b4377ef214b4e36e813b58e60774823bf2b0a4e91e48
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3d39593bbb8478e0110a88fd5aee608f2d30d82fa0dc13e28b1cdfc2becf18da
3e5d06096b4612a3cb702db467ff419c701dc056ccd8a387e10b50c43b63220f
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
4114727dde2b921cfbfc577cef45ab356d55765c1d8330e4f9fed328421ff868
428eed2d035e4ed74a1c37e95c7055ac05e7b2e2fac779d08860b9b4e2a3d849
4384e9389e9476aec79b3ac4d27f8fb3f9b1f6e35db36773d45f51b313b70d86
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448edd17d85b0f45d04d16bdd64bcab8ffc962e1dd2183f0e817f2ec42eef4be
45030f99806ac885ab8756f55735acd0f479ee65c1aa210c4ceda892c91f716c
45a67c7ea4320802d7cab80c8df12000bd5ad362ead9aea844c441f2f3862fda
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48f91b42f40863f11d1675b9329cee9fa99d1f791f6a42c50be8a4e76b30116e
4988989cf736a9a88fa52858a321389902bf69e893793fba2558b89d7093728f
4a2a2904fa4a2f46288e110ff0ea44d46cc72243d61e0e6e3619b066d4440d25
4a70a6e4f5b7d2e76b3a5174528403bfde046edd0acb1186b9d8760ea221875e
4ab7357d75156817f5990cb427f9ade60a52b7eab9db7e34c11b4b465f9ef660
4ad5daee7005ddb42919d55a0f0b61ea8250d9073a99546793a8eb19fecdd5c3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c268de28a756d5b23c070de5dff67bf030a5b00216b6f8f40d80ca9509f20c3
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
5014ee7fa028685c5f94f0e46fb28618cd0d2511a1c46c584797b9de05a38baf
5189e14e19906306cbe17692c2c77f9cad749043714f4d5eb95f3b236a6ab16e
520b72e7cfded3d2893de46b2dc9fe1e3ee0906f871182b4d93d2d093acf2db3
54922dfd4913057b2171d1c45c6a0f20491af63413a854513b1880f206f726ef
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5c9265b2dfef9d2b812c13bb1e15620d5dcb3b583d0c8ef32cf7f769b3efbfe9
5eeaf1ee8d663d18e673d37b655cc56ed28cc8e128ad36dcda745d45836748de
5f65e29b8d04a48f628644fbbcc890b1d3e478006b646f92bfb386a2b8b2f0c6
5fbab5c4ef7c1522822aa0afb0a2afc77d8a16dd5f417fb2f1f4d1d82455029b
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
60449f24207319c099ea7f9358db2de6c4f66159315f69c5e2e55b9fe353653b
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63dba5053ef06ad972a8c072344945d749622d58f9e212fdb9d5afad8f35130d
65cddf5c9d9f57578f197e2bfc68308baf66f4484a9ce88b58eee560602404ac
6643e620d05195621f624a26a3fa707d29ba32f660d93a5faa9316c81601e0d9
6823bc13a1c517075767ebf6fa41e448ad7cfc5529f3fd326f6de588e34d930c
6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9
6aa96e0240875edec8a4590c396e92b2f76694653b1a9e525056624d5fdbb4f8
6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf
6b6734d324bce4596f3a5f2c1b941f4a0021fde1d6a1d121e9d9c6897992cc2e
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
6e4645dea52b9b85141c17b741cec2869fab9aaf8b4fc65bf5592f508ca33087
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
6f3a98c73f7cf2e3ddf2057979c8f2d6cb9729526500900a4292fbaf5771ffe9
7017f392691b21df1e66f067e488d5ae131eebc249a8e31da7460ffa641ac059
70628e3700b24d87417f87aad411696ef680a239b04489ae92fd4cc1c90ad5ae
713566c50bdfc813c89d0f19f95ecf61e0c1df36449a8c523e32d05076e3e42a
73531244dfaaf087694392ec070a281073c940e972e7fa5fd32b31474c464eea
736e89d00ae0f422bc6360fe3f3001408104ffb1e09b4833731a835ab4e38cab
743ea2048b4da842bd6fe6626a5513bbc0629af7ef8347b63f02b429cec06ba4
75d2146ad1c333fa5a7377f3a8d84159d1bfebb28c73244c9cd8ab07aa6bbc6b
75e0a476a7d31963e5f5ef16fef90a598663bd3bfb4ed8d967b0f5e17067e2aa
785f3ef00be32c3b3188de1f0a3e3dc3b14d6bbf88ba20097cadaf7898cda4ad
7f75e0144333cf413c5e1b7968a9d5cef6e90534a03927c55319aa25798f7cae
7fe8fc0517d1348c7ac342e1243308e872ee150a60a06c8e9e809de55f508be0
803516ea9032caa4a1025c81c242c38ad53611a444a4956a9ab5e2213f1647c8
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fe72ac836eb13d8d1e690af484cd01b5720ee9551d282e11635af24638423e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86f2a170bedf99374211e6a25439f8f7b7e6367ce16f07f8211f3074897b8fd0
8827d61817b0bad460b975ce6799a2b17da3097aee4b8d1633d223fb26948ab3
88416ae6ab0b1b800f4434bf36e9901f128160f60c27e1351759774ffa5c604e
8a7be1fb83be077fd5b4bb33d222776309092759f73e93a2fa579399ae631809
8ac8f69a1b0c44b402deeaf4f84d1f4c275313efe637e73bfdbac8a24b3afb81
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de21e093d76131bac32bc6919fece4c9a2e3b31bc1def2c8c0f38ba7bf61065
8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0
8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550
8f3e7e5925dc42da4621ce42327d0571887edf39a82e794b709eab7dd57fbeb0
909b1219d6b903a465954b46cf6a3776c787e693e15c8923bc3c07ff8f1c1a7f
911554b5b2df32333c3bc54a4c2980da6ba27b784e926d0db768c79622a719f5
924760b0611f5ffa986a6bd780e443bd251b01e1dc85474e906093dde1da69f7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95e1915afb7cac6226532119114b4c1c4d7df35078ef5e2d142fd3e642aadc10
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
98272ae0cb3a95da5d3fc90a6772e95af0c014ee707e431b9542e3eb7410afc1
984ca2adeff93742479d5031967913c2e8657f7a4976053535611c608cdb5e15
98b36dd59d75325c3b27bd16d542933c7388c6bc21ddd66369de3f22a1344310
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cc794498727ceaad5c218a9405ec4245a5fa94cff76f769b9018442223b64d
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c5b0b8078712ce85d06fd336ea350a180adc7f749a19948dbf8c2748569e189
9d5f5ab50c7cbdf6e488e184b9ca3d3c1471c50ef6fc4198ae3d7929e3b2e5a7
9d72f9aec4078a81f470b35d029db75b947872eb6d61331ab871d3cf983ce9c7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2f9e618182d3156aeed2dd1fa4606e429e0d5824c3a3bec86740e3292d6fc46
a41285bc84ab29cfe6df95a09dbcf68614b662fd67dcef9ead8de6604e61cd1b
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a56dd58d49ba48da9a4f8a199b9408db62edd26f9686869075d68a42296eb539
a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062
aa098959a8761aadc1d63242d40fbeb4ef25b671a1d5a60abc18f52dc8ce86e3
aa66c534036afacee6243cfc690c77792f7a1d0270fbb43410fd29a0a19e45c0
ace8b501acb8401e63fce2bebd385150c7f6389a4943073437faae749658f719
b03b538a0dda03d3015cf894f7bc9c03ab483d21ed9d9525e79a47c3359effa6
b107ca0bed9d9b3e57732bfaa1b205294b0b7bee38f3d248670155e06cb5c822
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
b4d5ff43f505f033f786c7619e3064bc190763a415fee842f47408613b6387f3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b677e0fdcbd860cbebc8c37551e05f834c48da20d953fba50345fad6427a8627
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
b8d298fefa44c5df8dc4393e75dfb77fcc5353058d98a25ec962fd4bc0732a62
bb5111a610ebc840dffe29c47d81d30a31f70ddf7d862e194658c1a1847b6cbd
bc88d9584b5158722eaca03f4dd853340a073adadede8b2529b108ce5337b0b0
bcd59b0a6e0b66cc74c40c5cceb90d86b939e051f98b16d9f68906b355491eb1
bd479e1c34219ab4ba5c82776d6b879f6ebca03a7017521c00acb8f538b8f472
bf53bbbf913c52a215c78b84f05c0ed5f3bb2e89ef7e06d4c8c2d6746de25aea
bff41083bbc6e80116d25ea27234d5ccf4b7d6b6f1d121bf29dcdb949a7fa95d
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0
c03eb721eafef22314905d83ff28cd71aca06ad39bc27e7341f538643af41365
c18a9e0d59a2c6f104523b34aaab6c6ef362a0351b3b9fa500b04a40dda4e1d4
c24ebb7002bc4aec80993d235f628f81fb7fd64602246ce8d67e8b4a286f06d3
c2554a0c3b800f208cc153bcf0801fa55bd70f4011697a82ef1abc323bec6f83
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
c53d6dc81211bf7c4cb78004c5fb4c6d266ede9f72cb899d4c940c2cb89138ab
c76f21a6832b16e5f44c38c837beaf51cc05ba7dfa2ba9d35212b4cfbb4b8311
c795cc787b087b839a86ae383d0d9db44b4eb1d07baa6a48ea4ba7950dafe9ec
c81a65e7c233d7f9a97b4928801bd8bb3db044ec02e2e95b1219da54cfe74704
c99559c3ac45efd861fddf27e0d7353fcf7c7e098760cf237f628612c72a3281
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3
cdac293f3cc0409daf0c6ace00f5fac40baf0749dc37f3c8b6f25eb6631be979
cde1caa3e68efebefa04c718859e21f1eddf1af83cf85d2dcf91fb70bdf8396b
ce0cc1453e5d5a423a6e0ce7210c950573b3a8dec7acf15a22202e33ca401348
cec55c6da0afbefc08eefe25fe36f2ec1b807183f7abadf96351511d7f56102e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9a6890fc807e81b296b1b67618caa66fb465b741a1d96d792a397543c72836
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
d2c5e0b2ad7bac0634d0cb3bcd97753b2d2ad792719a703cb946a90f3e4dc91d
d36b88ae4f3d2d389d5ae3f0ac6edd690c3db0c99fc423d8ae2d1b34a4a9b00e
d48b7457ceb7ec7f26f1f04927ef6efc28f192d1111313a8bf88d0f921a7030e
d6409005ead5f0503a8ea631b0d1810d79660ee28937169bb707bd1a4e898cb9
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8ea5ecb9df9893a3c2a94e77577f223f67a04f5d4ced41d304a352900ffc324
d9683dc366967b4ebe573a0cf9775f72dba839becbc4f5f916da68e6e7f47901
da74f0952360659013a516d31ad10055703eb723cf523a74215269478c5f2b97
db90249d31d77d19f18c1a0023ee7ebe675cbc1120ff95c079a1f8a065cbba7e
dca171c0563d880b6fee5bda558808df3d9523fa6c0a6f1f2fb4e518bfc194d1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de07a78069141f1c7c6b93c99b4968bac8f3e755a894b16df849788c9ebf9622
ded965a9211a4e3d7551bf6eb237e2c4a42e940d90c713198bebf61863bc2755
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
df7354775f93f55bf04112a5828eba1925bc30af29bc6223eccfed2b94bd2fec
e0df403297be900bbc142d19564a6e7d994e98bba1e2721b6d8ee99b2260f5a0
e1878725fd75b43782558fe84d330e7dadfabac01c69db290d6dd241bffb6416
e223c1d0ff5997fdfa3281f501659eba00d0395638fcc855d255f797bcfce4b4
e26803c74f1f585593385a30d333661dbfa0e62102e965c44963b94900e5cf95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a52e74b5846d73df774c797e2efcbde7d5fb18fe27c9fb8fb0e7576aeaa885
e5cb806d10205c48076caedd39c5b28b4da9c3aa0316933fc672b2f8e98c6843
e64e9f85902dc92f511346aee1958df60afb1036c43d9dbb68a3dd8e2d7f2d2b
e7c9a27a147b6e26fde6d05366a6a62001296592e248ed696849cdbcd8f4b96a
e891f7c4f6d8bed7e8accd954579e237bce77dee93a2b8ec6179a1709dcc9f9b
e8a688e52513d52bd6f1d49e7f2eb411ab7d0a82401e179b4538f1187a7553f0
e9bd7242d735131f3f1c7df744667c0409f90ee1f5530a4ea0a546cba48b1033
eab5593abd1540432ae819c9b55c7b6ae8c1102ac24ed8147edc35b5c289d46a
eaeba89832a1bc5010ba4ac8545b0fb25f7155c70de41f7636e9cf1c32d83f1a
eb5c5f4f289f17d6841844c9dc38df54a9e7176a1498ad8b8bb028cddb71d7ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef42be1417f3bafbf75825ff75ee40f22bb02b7732855bf37448217f974a77fe
effa040425cf8d55b9880966bab7a0d6047cf85514283c6bf1c044922acae952
f0e880c9fa7ded17195ae68e7991c41cfffe8151762457e7018ca3dde6cf1e8e
f0f80720e6b56fd78687a577ad3ab906910d1853f83544a8f474a91952d3e0a8
f1ce99fbfcc16eda46b2613ed30f6cc13906d5d13956ca275e28a7d2d0b1630b
f2d50594fec0b7c273c3554ec222aff74fb5e77f143341f63ea683deb4762f72
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f31678374396d27ff2a1ccd5e9264f71af8ea6cadba1db2cb65959db9c8b486d
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3ff3ffbd8bbdf6316cddcd8a0acf648c0d5bf435c6db618e1f092a75bd751df
f41877a0ab933a78bcdcc75ac9bb88181d1a6d1c1d6da35ac85d0626ae1512dc
f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f
f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe0b51ed42adf66228c4c92c8f1ae8ac7d06b2a36c7d25f08f52553db3e1f43a
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff2ef90f0bb5bd536ce408a5d301537895f96b634c35a4756ffa8fb27fe444b1
ffe75c2a5e7469d66cca8dd00f766dcf60846ec0080c8aa565645f39db29fac9