www.techtimes.com Open in urlscan Pro
34.111.216.4  Public Scan

28 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9=

Request Chain 107

• https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=$UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8%26adnxs_id%3D%24UID HTTP 302
• https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=8651163547569705237

Request Chain 108

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://ids.ad.gt/api/v1/t_match?tdid=d3f407c3-e210-41a9-9c7c-51bcc9bea0f6&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8

Request Chain 109

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://ids.ad.gt/api/v1/pbm_match?pbm=DCE445A5-D80E-4068-9363-956F31BE8A1D&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8

Request Chain 110

• https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_tc= HTTP 302
• https://ids.ad.gt/api/v1/g_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_gid=CAESEKwoncT3j0gh0RzAp9YuUwM&google_cver=1&google_ula=450542624,0

Request Chain 111

• https://ids.ad.gt/api/v1/g_hosted?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=OTRlYTc4YTUtOWVjYy00YWI1LWJjYzktNDZjZDFlMjM0NGU4

Request Chain 113

• https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8%26sas_uid%3D%5bsas_uid%5d HTTP 302
• https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&sas_uid=[sas_uid]&cklb=1

Request Chain 114

• https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 HTTP 302
• https://ids.ad.gt/api/v1/mediamath_match?user_id=4092625d-94a7-4400-a1a5-87272f53477f&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8

Request Chain 141

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Show response www.techtimes.com/articles/274335/20220415/	55 KB 16 KB	388ms 212ms	Document text/html	34.111.216.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.216.4 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 4.216.111.34.bc.googleusercontent.com Software nginx / PHP/7.2.34 Resource Hash 4878b5c1ca5ee503679ea2b648e099298c4b68346922ce6016ec00f1c3d2e9fa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc clear content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 18 Apr 2022 16:41:09 GMT p3p CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" server nginx vary Accept-Encoding via 1.1 google x-powered-by PHP/7.2.34
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/	152 KB 25 KB	36ms 18ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 age 7223350 cdn-cachedat 12/27/2021 07:28:05 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 867e50b305f29178d003e93eb309b85f cf-ray 6fded8ac4f095c62-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css 1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/	20 KB 4 KB	35ms 10ms	Stylesheet text/css	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9017d6131bbe73a5233e0e86395b5ca524575c599daaf1983ed006d0d31809b4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzX4yzn/3wUFAA x-accel-expires @1651007686 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b40-4e36" last-modified Thu, 14 Apr 2022 11:53:36 GMT server CDN77-Turbo x-77-nzt-ray Tch8PAbch6Q x-77-cache HIT content-type text/css x-cache HIT x-age 329183 content-encoding br x-77-pop frankfurtDE
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	57ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d84" vary Accept-Encoding x-hw 1650300069.dop149.am5.t,1650300069.cds223.am5.hn,1650300069.cds312.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	55ms 25ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3447181 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6646 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsXTmf4V9cLP7ztEoKWNlL0HEM8RQmXSBlsCxajpLiQNQhuKBDalh%2BDCfKwYJJXA4TsCK3BHWykMuW%2FvqhkPmBayutmnsuvKAJNyzczJTjFpDBGBZLgmJNJJtUVZIcs%2B%2FtasRkxLAr7FhukoGUp1Wh9i"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6fded8ac5c9b912a-FRA expires Sat, 08 Apr 2023 16:41:09 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/	57 KB 16 KB	41ms 23ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 age 7294496 cdn-cachedat 2021-08-02 21:50:12 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid e03b60bf9ece25bc0a72a7f835d2dd17 cf-ray 6fded8ac4f0a5c62-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	common_v056.js Show response 1111210941.rsc.cdn77.org/common/js/common/	7 KB 3 KB	38ms 14ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/common/js/common/common_v056.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXYBFz/OEAFAA x-accel-expires @1650992749 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b60-1aeb" last-modified Thu, 14 Apr 2022 11:54:08 GMT server CDN77-Turbo x-77-nzt-ray yCCeSL5kP1Q x-77-cache HIT content-type application/javascript x-cache HIT x-age 344120 content-encoding br x-77-pop frankfurtDE
GET H2	200	scripts.js Show response 1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/	5 KB 2 KB	39ms 15ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/scripts.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 549112bc130160ae62719497e057e28f50879c18d927de9b411255a20270ba0d Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzUjdxb/69QDAA x-accel-expires @1651085754 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b27-12fc" last-modified Thu, 14 Apr 2022 11:53:11 GMT server CDN77-Turbo x-77-nzt-ray ZB2ftwG2gr0 x-77-cache HIT content-type application/javascript x-cache HIT x-age 251115 content-encoding br x-77-pop frankfurtDE
GET H2	200	css2 fonts.googleapis.com/	1 KB 909 B	134ms 48ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 18 Apr 2022 16:12:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 18 Apr 2022 16:41:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 18 Apr 2022 16:41:09 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	83 KB 29 KB	151ms 45ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28592 x-xss-protection 0 server sffe etag "1190 / 426 of 1000 / last-modified: 1650280021" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 18 Apr 2022 16:41:10 GMT
GET H2	200	prebid_sb_202110.js Show response 1111210941.rsc.cdn77.org/common/js/common/	184 KB 54 KB	30ms 26ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/common/js/common/prebid_sb_202110.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b2cf31ca947be6dd3ff318d66b2a6eb397f2311490ea939ed9a663c7d5e729a4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW0oUb/57wKAA x-accel-expires @1650633150 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62392345-2de66" last-modified Tue, 22 Mar 2022 01:15:49 GMT server CDN77-Turbo x-77-nzt-ray dE6XTs90K2Q x-77-cache HIT content-type application/javascript x-cache HIT x-age 703719 content-encoding br x-77-pop frankfurtDE
GET H2	200	script.js Show response powerad.ai/	195 KB 43 KB	391ms 194ms	Script application/javascript	18.211.226.152 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://powerad.ai/script.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-226-152.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Express Resource Hash e992885dab71202942febe0f8b83cee04c5c927bb81945eed17d4e36f0cf42d8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip last-modified Thu, 14 Apr 2022 16:52:41 GMT server nginx/1.10.3 (Ubuntu) x-powered-by Express etag W/"30c39-18028fdc402" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=3600 access-control-allow-credentials true access-control-allow-headers *
GET H2	200	europe-cyberattack-results-to-massive-internet-outage-about-5-800-wind-turbines-went-offline.jpg 1734811051.rsc.cdn77.org/data/images/full/401589/	37 KB 37 KB	216ms 193ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/images/full/401589/europe-cyberattack-results-to-massive-internet-outage-about-5-800-wind-turbines-went-offline.jpg?w=600?w=650 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash b11e900264ac2a22d330f85e58c35c9a5aec2e4c31cea86a09ffdac47a3ecf07 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzUqwFuh x-accel-expires @1650386470 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag b9f9f374567d2e3790ea58e1fbee5238 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray tQc/NqByMzw x-77-cache MISS content-type image/jpeg cache-control max-age=86400, public x-cache MISS x-77-pop frankfurtDE
GET H2	200	hacker.png 1734811051.rsc.cdn77.org/data/images/full/402762/	307 KB 308 KB	87ms 63ms	Image image/png	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/images/full/402762/hacker.png?w=600?w=650 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 062ecbd849f34c394b50bb3e79020cb66a2092122114ffb6188535f0ba8952a3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXaZ7fvu6EAAA x-accel-expires @1650345066 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag ae9bd2b084227d8c2afb18e4122b7532 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray MStzQYGmJVs x-77-cache HIT content-type png cache-control max-age=86400, public x-cache HIT x-age 41403 x-77-pop frankfurtDE
GET H2	200	5-2-billion-us-crypto-transactions-tied-to-common-ransomware-attacks-btc-as-the-most-used-cryptocurrency-fincen-says.jpg 1734811051.rsc.cdn77.org/data/images/full/394408/	90 KB 90 KB	217ms 193ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/images/full/394408/5-2-billion-us-crypto-transactions-tied-to-common-ransomware-attacks-btc-as-the-most-used-cryptocurrency-fincen-says.jpg?w=594?w=650 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 6d35330fc69576358ebe546213c8e70b44fe1309e82f23b2a7955094ae2e9a24 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW0c4Kh x-accel-expires @1650386470 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag aa0e69fbc01f38901f59792cbd91f865 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray D9bmm2dRt1M x-77-cache MISS content-type image/jpeg cache-control max-age=86400, public x-cache MISS x-77-pop frankfurtDE
GET H2	200	techtimes.com.1119383.js Show response jsc.mgid.com/t/e/	2 KB 1 KB	68ms 28ms	Script text/javascript	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/t/e/techtimes.com.1119383.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6269ba7af84361388f3b6e85d9f0b5d89fbee738f358260665d99c00bbcc0a17 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding br cf-cache-status HIT age 4249 last-modified Wed, 06 Apr 2022 12:34:55 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id DA0XVX4WBT3FN3MX x-amz-id-2 r4PWapOzV0let3B+whCY0EoyeEAFLN6jjmDVk4WnNMKUYY9TuCrDbbMc3iFCqJqnf2Gclpf20os= cf-bgj minify server cloudflare etag W/"2bb851dc8f203281ccea94daed65268f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6fded8ad5af39bcb-FRA expires Mon, 18 Apr 2022 19:41:09 GMT
GET H2	200	moon-wobble-2030-alarms-nasa-as-it-can-lead-to-extreme-floods-new-framework-can-predict-60-year-sea-level-scenarios.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403609/330/186/50/40/	8 KB 8 KB	87ms 65ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403609/330/186/50/40/moon-wobble-2030-alarms-nasa-as-it-can-lead-to-extreme-floods-new-framework-can-predict-60-year-sea-level-scenarios.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 80817762a9d076e635e1eab0707b5a9d2c660dd6aeb0fa96f175afaed56f062e Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXT1///SToAAA x-accel-expires @1650371548 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag 0ed4b3ddf871626fa0f2b067b6e40394 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray GtU5Ha6IEf8 x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 14921 x-77-pop frankfurtDE
GET H2	200	google-quietly-launched-switch-to-android-iphone-app-for-apple-users-teasing-24-7-security-and-new-privacy-tools.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403608/330/186/50/40/	25 KB 25 KB	87ms 64ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403608/330/186/50/40/google-quietly-launched-switch-to-android-iphone-app-for-apple-users-teasing-24-7-security-and-new-privacy-tools.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash fc21700b0b409748bd305ca9c4ee3ef3069bc1c50a286de7411bbf14b3294a83 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW5phv/fiABAA x-accel-expires @1650312615 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag 04d6d9869ae8f4e63d663ee339e29b41 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray Nk8n3EWOqqs x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 73854 x-77-pop frankfurtDE
GET H2	200	elon-musk-shares-how-ukrainians-can-protect-starlink-terminals-as-spacexs-comms-systems-likely-targeted.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/401514/330/186/50/40/	14 KB 14 KB	88ms 65ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/401514/330/186/50/40/elon-musk-shares-how-ukrainians-can-protect-starlink-terminals-as-spacexs-comms-systems-likely-targeted.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash e3b8b516725604d41a81c6a759bfc24b93daba139d712e6ad35e2ba4a8185e7d Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXOwwL/SKAAAA x-accel-expires @1650345437 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag 4538b44a89e4fdad25e29528efbb87ff server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray T+CNbISgjl0 x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 41032 x-77-pop frankfurtDE
GET H2	200	samsung-galaxy-s22-ultras-zoom-feature-a-downgrade-compared-to-s21-ultra-heres-the-image-outputs.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403605/330/186/50/40/	17 KB 17 KB	39ms 38ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403605/330/186/50/40/samsung-galaxy-s22-ultras-zoom-feature-a-downgrade-compared-to-s21-ultra-heres-the-image-outputs.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash ee47bfb6903b6360309f6ef74fba22799ead87bb8a72cbc317dcd4b3fdf75fbc Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzVAs7j/DJ0AAA x-accel-expires @1650346265 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag 10252415d9b2d6025e64b506e47eebd5 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray Tb8zodJqEMM x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 40204 x-77-pop frankfurtDE
GET H2	200	google.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/357772/330/186/50/40/	11 KB 11 KB	39ms 38ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/357772/330/186/50/40/google.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash d41678a7cf1b53173fe95f15735b5163c678e84455ae595bf8b68e114d60aebe Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW0lVf/fJwAAA x-accel-expires @1650346409 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag 0a958462469f8bbe5ce3e51d3bb50d37 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray 9nFjGjB0BaI x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 40060 x-77-pop frankfurtDE
GET H2	200	draganfly-chairman-and-ceo-cameron-chell-on-tech-times-exclusives-37-find-out-how-drones-change-the-way-of-rescue-mission.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403428/295/166/50/40/	18 KB 18 KB	9ms 8ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403428/295/166/50/40/draganfly-chairman-and-ceo-cameron-chell-on-tech-times-exclusives-37-find-out-how-drones-change-the-way-of-rescue-mission.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash ff1f3fa12eef47fe065fa8cc8d7b6f313682db4f3b09bb32fd71561e93435d41 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXWFjj/HwcAAA x-accel-expires @1650384647 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag cb5aedc24c6f907474d35b0ff096d445 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray yjy3bHq4irI x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 1823 x-77-pop frankfurtDE
GET H2	200	mytaverses-enhanced-amphitheater-for-large-scale-meetings-in-the-metaverse.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403666/295/166/50/40/	19 KB 19 KB	129ms 129ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403666/295/166/50/40/mytaverses-enhanced-amphitheater-for-large-scale-meetings-in-the-metaverse.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 94ae3d4d194084341bb2d72fbefbb7f9a71aaad12e943dacf31420afba7f9e25 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzUeWRXB x-accel-expires @1650386470 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag 75f9314859ff6e4bb1a528f8beca9514 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray uzBJEYGTY0Q x-77-cache MISS content-type image/jpeg cache-control max-age=86400, public x-cache MISS x-77-pop frankfurtDE
GET H2	200	cyberpunk-2077.png 1734811051.rsc.cdn77.org/data/thumbs/full/374653/295/166/50/40/	98 KB 98 KB	8ms 7ms	Image image/png	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/374653/295/166/50/40/cyberpunk-2077.png Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 645ee12061794b2ae46fb95c147afb5ef99fd88a9d2f1d871fa48a4be86b0792 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzVzN4f/cKMAAA x-accel-expires @1650344630 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag 50345454e1ac0241ffc3c2ee95438768 server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray 0Xon+HVfdqE x-77-cache HIT content-type png cache-control max-age=86400, public x-cache HIT x-age 41840 x-77-pop frankfurtDE
GET H2	200	paper-free-2022-guide-here-are-some-eco-friendly-digital-tricks-you-can-do.jpg 1734811051.rsc.cdn77.org/data/thumbs/full/403614/295/166/50/40/	18 KB 19 KB	9ms 8ms	Image image/jpeg	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1734811051.rsc.cdn77.org/data/thumbs/full/403614/295/166/50/40/paper-free-2022-guide-here-are-some-eco-friendly-digital-tricks-you-can-do.jpg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / PHP/7.2.34 Resource Hash 19eee3da5d563e591962bef3ca132caf6ef1fd0a96ffc5412d291f02ad94938f Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzX93rL/cKMAAA x-accel-expires @1650344630 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag 54294bc6405bc9b2aac677ada32d260a server CDN77-Turbo x-powered-by PHP/7.2.34 x-77-nzt-ray auCQrQjDZJY x-77-cache HIT content-type image/jpeg cache-control max-age=86400, public x-cache HIT x-age 41840 x-77-pop frankfurtDE
GET H2	200	badge.gif static.getclicky.com/media/links/	241 B 382 B	24ms 22ms	Image image/gif	2606:4700::6810:dd1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.getclicky.com/media/links/badge.gif Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT cf-cache-status HIT age 169575 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 241 last-modified Wed, 13 Apr 2016 00:13:35 GMT server cloudflare etag "570d8f2f-f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control max-age=604800 accept-ranges bytes cf-ray 6fded8ad1ca19143-FRA x-proxy-cache HIT expires Sat, 23 Apr 2022 17:34:54 GMT
GET H2	200	js Show response static.getclicky.com/	15 KB 6 KB	66ms 23ms	Script text/javascript	2606:4700::6810:dd1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.getclicky.com/js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ba72bbecea40fb39b1407b46add5eaa6674ad97e44426b2ac4b73025338b75e Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:09 GMT content-encoding gzip cf-cache-status HIT last-modified Sat, 16 Apr 2022 17:34:46 GMT server cloudflare age 169583 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 23 Apr 2022 17:34:46 GMT cache-control max-age=604800 cf-ray 6fded8acec529143-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-proxy-cache HIT
GET H2	200	counter_ssl.js Show response 1111210941.rsc.cdn77.org/common/js/stat/	743 B 591 B	14ms 14ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/common/js/stat/counter_ssl.js?v=11 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXJtrD/CmsKAA x-accel-expires @1650654107 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62392348-2e7" last-modified Tue, 22 Mar 2022 01:15:52 GMT server CDN77-Turbo x-77-nzt-ray ByeUyuqCDtA x-77-cache HIT content-type application/javascript x-cache HIT x-age 682762 content-encoding br x-77-pop frankfurtDE
GET H2	200	article_counter.js Show response 1111210941.rsc.cdn77.org/static/js/common/	398 B 461 B	11ms 7ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://1111210941.rsc.cdn77.org/static/js/common/article_counter.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a969f23d2a86a8fbe27e34999a42c0aae9d7b7c46f33113e040cf123077c5a8b Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzWJvO//tlYFAA x-accel-expires @1650986991 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b40-18e" last-modified Thu, 14 Apr 2022 11:53:36 GMT server CDN77-Turbo x-77-nzt-ray K0LnAJS2WX4 x-77-cache HIT content-type application/javascript x-cache HIT x-age 349878 content-encoding br x-77-pop frankfurtDE
GET H2	200	request.js Show response script.anura.io/	49 KB 17 KB	126ms 63ms	Script application/javascript	3.10.25.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1754899507438&callback=_anuraResFun&912362964487 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.10.25.26 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-10-25-26.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash 50cfdc3b358da88e4cdc771f0bb270b88d3d83f7dc0cb005fa3fed0763bb5550 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	135 KB 37 KB	64ms 7ms	Script application/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3 content-encoding gzip etag 4abd427e43cd6822329a2c05539e321f age 249 x-cache Hit from cloudfront server Server x-amz-rid 1GE8W4NG9XCZH1A01TD6 date Mon, 18 Apr 2022 16:37:08 GMT vary Accept-Encoding content-type application/javascript via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA50-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id G2COXn31TM2c9S5feF4ONo9mad1gSQhB6VJwwHsj3L1F9HHVdiU42Q==
GET H2	200	logo.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	2 KB 1 KB	82ms 82ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 5b20151a1f3855739a388f05074c181072566416c06693a7d8c8fddacbd157f9 Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW8Nnv/sMcDAA x-accel-expires @1651089141 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b40-878" last-modified Thu, 14 Apr 2022 11:53:36 GMT server CDN77-Turbo x-77-nzt-ray 7pq32PaUCUY x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 247728 content-encoding br x-77-pop frankfurtDE
GET H2	200	social_facebook.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	591 B 633 B	83ms 82ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash eaa1d2a49cd9fb20ef40d866d1deecabee82db7146e40de17753c145bd557ea3 Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXmW0n/Us4DAA x-accel-expires @1651087443 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580e4f-24f" last-modified Thu, 14 Apr 2022 12:06:39 GMT server CDN77-Turbo x-77-nzt-ray HlKHsILmvX8 x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 249426 content-encoding br x-77-pop frankfurtDE
GET H2	200	social_twitter.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	1 KB 910 B	83ms 82ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ec928563715656ae5bdf56bcc7215a4d1723c52158709bc2cc36e02af142d089 Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzWxn7D/sMcDAA x-accel-expires @1651089141 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b3f-461" last-modified Thu, 14 Apr 2022 11:53:35 GMT server CDN77-Turbo x-77-nzt-ray C/2KLFC5zlw x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 247728 content-encoding br x-77-pop frankfurtDE
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v22/	23 KB 24 KB	140ms 40ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 19:30:30 GMT x-content-type-options nosniff age 421840 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:03 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 13 Apr 2023 19:30:30 GMT
GET H2	200	icon_search2.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	303 B 462 B	79ms 79ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search2.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash f1f8e52f3acb8c8ab4998465bbe11b70f7384ecd29c8f6450c9228a6ca2d0a65 Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzW8N+3/sMcDAA x-accel-expires @1651089141 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580e57-12f" last-modified Thu, 14 Apr 2022 12:06:47 GMT server CDN77-Turbo x-77-nzt-ray tzasx/FTeP0 x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 247728 content-encoding br x-77-pop frankfurtDE
GET H2	200	icon_search.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	303 B 462 B	79ms 79ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9751f0e58ee1b5a83930fa22bf3b4562a3dd3d0424d2adb17423cc38d5cb847f Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzUiWD3/nsIDAA x-accel-expires @1651090439 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag W/"62580b3f-12f" last-modified Thu, 14 Apr 2022 11:53:35 GMT server CDN77-Turbo x-77-nzt-ray LFfcuxpewlo x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 246430 content-encoding br x-77-pop frankfurtDE
GET H2	200	social_desktop.gif 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	6 KB 6 KB	79ms 79ms	Image image/gif	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_desktop.gif Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4295a34f0395dfae8f8c9e24f12de869d9f7cadd1853f4888c09fba2cce1ca8d Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzV360n/sMcDAA x-accel-expires @1651089141 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag "62580b3f-1793" last-modified Thu, 14 Apr 2022 11:53:35 GMT server CDN77-Turbo x-77-nzt-ray 6qSHPDPvQk8 x-77-cache HIT content-type image/gif x-cache HIT x-age 247728 accept-ranges bytes x-77-pop frankfurtDE content-length 6035
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v22/	23 KB 23 KB	172ms 75ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 01:31:09 GMT x-content-type-options nosniff age 313801 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:21:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Apr 2023 01:31:09 GMT
GET H2	200	icon-split.png 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	16 KB 16 KB	65ms 65ms	Image image/png	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon-split.png Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 55937ee52d6d7e8746015398bf3a77e7a3d0c62c622766b9707402368d3181bc Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzWPSDT/sMcDAA x-accel-expires @1651089141 date Mon, 18 Apr 2022 16:41:09 GMT via 1.1 google etag "62580b27-3e9b" last-modified Thu, 14 Apr 2022 11:53:11 GMT server CDN77-Turbo x-77-nzt-ray o6CL0Xb01+s x-77-cache HIT content-type image/png x-cache HIT x-age 247728 accept-ranges bytes x-77-pop frankfurtDE content-length 16027
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	50ms 8ms	Script application/javascript	2620:116:800d:21:ee05:6a01:4b41:8c89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Mon, 25 Apr 2022 16:41:10 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	59ms 11ms	Script application/javascript	143.204.98.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-82.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 02:43:28 GMT content-encoding gzip etag W/"1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 50262 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id YRFMLrd3Aw0UmBTeHDYk-T58a1r4HcnBNUf1xuHuSuud71SaqCuC2A==
GET H2	200	counter_gif.gif stat.techtimes.com/stat/	180 B 180 B	187ms 123ms	Image image/gif	35.190.31.133 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stat.techtimes.com/stat/counter_gif.gif?article_id=274335&w=1600&h=1200&ref= Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.31.133 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 133.31.190.35.bc.googleusercontent.com Software nginx/1.14.2 / PHP/7.2.18 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google content-type image/gif server nginx/1.14.2 x-powered-by PHP/7.2.18 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	142ms 53ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-41574041-1 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef89d02c630618782c192f51f7a2e05648009e950f6417ad26da708edef62645 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38603 x-xss-protection 0 last-modified Mon, 18 Apr 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Apr 2022 16:41:10 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	30ms 11ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fe6862ab4d1a39504d0572f438090571e77674f60d7074b2f61b4e9aa81064bc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 90jJNpnW2CSqZoUG8ZXurA== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Mon, 18 Apr 2022 16:53:07 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1686 x-fb-rlafr 0 x-fb-debug SETBCGvvuOKLNoQONcutlUkkw5Xu9wI0y/H4oa47CYXd91fIZ6fIyxt61TCojaw9Czzjx9yzKq3SQykxvwjRHA== x-fb-trip-id 686109401 x-fb-content-md5 8845bad9e653af2f16c1b28d585d4cd9 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 18 Apr 2022 16:41:10 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "99baf857ca5a3db47f45fb27c0332e06" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	logo2.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	2 KB 1 KB	35ms 35ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo2.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b37528b8edfca9b4c56e243195e0f48b6a83878d30dca3c4eb67e530ad3b4428 Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzXadRX/QccDAA x-accel-expires @1651089253 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag W/"62580b27-861" last-modified Thu, 14 Apr 2022 11:53:11 GMT server CDN77-Turbo x-77-nzt-ray Dsfok7PvzcM x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 247617 content-encoding br x-77-pop frankfurtDE
GET H2	200	social_facebook2.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	591 B 629 B	35ms 35ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook2.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4d6c0441395a79f993612963489cf57d905fd2e938df3847cb5aa4595ac8e75b Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzVDhub/U84DAA x-accel-expires @1651087443 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag W/"62580b26-24f" last-modified Thu, 14 Apr 2022 11:53:10 GMT server CDN77-Turbo x-77-nzt-ray 8c9LPmMG5jE x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 249427 content-encoding br x-77-pop frankfurtDE
GET H2	200	social_twitter2.svg 1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/	1 KB 910 B	35ms 35ms	Image image/svg+xml	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter2.svg Requested by Host: 1111210941.rsc.cdn77.org URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 99a5efd3d1c088c308da63f299791db08c40cf8e1da421f30399ce8a9bed36ab Request headers accept-language de-DE,de;q=0.9 Referer https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-77-nzt AcO1rzX5fzT/U84DAA x-accel-expires @1651087443 date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 google etag W/"62580b40-461" last-modified Thu, 14 Apr 2022 11:53:36 GMT server CDN77-Turbo x-77-nzt-ray Fgx18/tjbfU x-77-cache HIT content-type image/svg+xml x-cache HIT x-age 249427 content-encoding br x-77-pop frankfurtDE
GET H3	200	techtimes.com.1119383.es6.js Show response jsc.mgid.com/t/e/	234 KB 69 KB	76ms 44ms	Script text/javascript	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 933fef7833027f0987904ee28c6e8f4cc94a72ecb28f94657316253c8102fe23 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br cf-cache-status HIT age 499 last-modified Fri, 15 Apr 2022 10:31:05 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id EJQ48C4Z1ER40N7N x-amz-id-2 KxZPZ2kZd+piUTBGbThXf15BAmjb+FPm/+RQb5qgzIoNAv5NGDtA9xnJHUYXjnOOF8Z2YK4MiPE= cf-bgj minify server cloudflare etag W/"c82a86016c9f66c4b310990024fc95d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6fded8adb9649066-FRA expires Mon, 18 Apr 2022 19:41:10 GMT
GET H2	200	rules-p-LfaarYPdxYFdP.js Show response rules.quantcount.com/	3 B 429 B	39ms 9ms	Script application/javascript	2600:9000:2156:ea00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-LfaarYPdxYFdP.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 03:50:43 GMT via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) age 46228 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 20:29:28 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id DQHddzR3hCU7KJOqF6h20eBtT7j9aqT0UEh-SuRFqWa-GjdJtwdq3A==
GET H2	204	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3... https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%...	0 189 B	12ms 11ms	Image text/plain	143.204.98.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9= Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 143.204.98.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-82.fra50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id duE869e33d9qzRAYb_Ygv7BaWgRW044CCd3sw1Ky2pTaHw9XmAyoKw== x-cache Miss from cloudfront Redirect headers location /b2?c1=2&c2=19747886&ns__t=1650300070067&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9= date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 content-length 0 x-amz-cf-id QlvwIscKiVOi5H6pUSyawcyVLEieFBW-4it9Ayw2hGbnBz0u1t4sZw== x-cache Miss from cloudfront
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 311 B	9ms 8ms	XHR text/plain	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.techtimes.com&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:11:52 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) server Server age 1758 x-cache Hit from cloudfront access-control-allow-origin https://www.techtimes.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id ITKhx7iAKJVIoO85nJX9to5Yldc1vHdBzrlFtGj3idZlU7W29bry6w==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 493 B	54ms 53ms	XHR text/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&pid=pRbouELMnbt4Z&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22400x300%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%5D&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA50-C1 x-amz-rid SRC329XQCG5ZMF3QNJ5Z vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.techtimes.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id xGYdcbAuZLutLwoG3Xj3XI7xBDw4vHu5Yar7ENBdT2xF2SE94Bs_rA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	29ms 8ms	XHR application/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc. content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 50293 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Thu, 17 Mar 2022 02:21:48 GMT server AmazonS3 date Mon, 18 Apr 2022 02:42:57 GMT vary Origin access-control-allow-methods GET content-type application/javascript via 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id tUdyuKd2XVLLcQowsKyIC02N3pyIlG1yN4ngzw-H3fUeLVBXxIgftw==
GET H2	200	showads.js Show response ads.anura.io/	0 349 B	34ms 7ms	XHR application/javascript	18.66.139.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.anura.io/showads.js?138306454745 Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1754899507438&callback=_anuraResFun&912362964487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-99.fra60.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 14:51:58 GMT content-encoding gzip server nginx age 6552 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET x-amz-cf-pop FRA60-P4 x-amz-cf-id rq0GwIfx-7-GGLJ_rjQsUqv0pb4yfCr8F7wd8at36A0AGgQ8ryK7Xw== via 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
GET H2	200	in.php Show response in.getclicky.com/	132 B 355 B	452ms 150ms	Script text/javascript	198.145.13.13 DF-PTL01
General Check archive.org Show headers Download Go to Full URL https://in.getclicky.com/in.php?site_id=100661543&type=pageview&href=%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&title=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.04929651625733822 Requested by Host: static.getclicky.com URL: https://static.getclicky.com/js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.145.13.13 Portland, United States, ASN2044 (DF-PTL01, US), Reverse DNS getclicky.com Software nginx / Resource Hash d9158096f4674f0332f1a8f679bfe1c291ece19c4ad15ad7b7174efb4e3b12e2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, must-revalidate, post-check=0, pre-check=0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	283 KB 81 KB	17ms 8ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=3b7b3a300b9d6b146593e58eec946c21 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b862df29f3366b87b660e15a0bcf10e3d3c94b33c39b3add7115345b362aecad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 h67EyrUYVydawCABb0MysA== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Tue, 18 Apr 2023 15:11:59 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 82876 x-fb-rlafr 0 x-fb-debug EU2kBjDrUcMrQxuWKzvMfBLOiSvPnBmN6Y0EooLPs4wd7fBkl+GIBUMyS9AsWH9JSoLzWfMX05x58AtWxlmd9A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 78aceb8db05ddd91c276dfec07111c95 cross-origin-opener-policy same-origin-allow-popups date Mon, 18 Apr 2022 16:41:10 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "a824829ab541db4def28d28e77a4ebee" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	pixel;r=1057847396;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm;uh=a3b95c38a4fe7929a713... pixel.quantserve.com/	35 B 371 B	14ms 13ms	Image image/gif	2620:116:800d:21:ee05:6a01:4b41:8c89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1057847396;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm;uh=a3b95c38a4fe7929a7139a63870af8a02e7a0d898d428d1fe62837e32fd6c97c;uht=0;fpan=1;fpa=P0-1348200017-1650300070230;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=techtimes.com;je=0;sr=1600x1200x24;dst=0;et=1650300070230;tzo=0;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Etechtimes%252Ecom%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attack%2Csite_name.Tech%20Times%2Cimage.https%3A%2F%2F1734811051%252Ersc%252Ecdn77%252Eorg%2Fdata%2Fimages%2Ffull%2F401589%2Feurope-cyberattack-resu%2Ctitle.Wind%20Turbine%20Company%20Nordex%20Is%20The%20Latest%20Victim%20Of%20The%20Conti%20Ransomware%20Group%2Cdescription.The%20Conti%20ransomware%20group%20has%20targeted%20wind%20turbine%20company%20Nordex%20in%20a%20recent%20 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	pubads_impl_2022041201.js Show response securepubads.g.doubleclick.net/gpt/	369 KB 126 KB	106ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:00:46 GMT content-encoding gzip x-content-type-options nosniff age 2424 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127945 x-xss-protection 0 last-modified Tue, 12 Apr 2022 08:36:14 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 18 Apr 2023 16:00:46 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	462 B 830 B	110ms 38ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.techtimes.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 6949cfebe4764b7ccc671e10c550b3c7e0c58a139444513d6d8afe4a92fbe92c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0 expires Mon, 18 Apr 2022 16:41:10 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	125ms 38ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1439 date Mon, 18 Apr 2022 16:17:11 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 18 Apr 2022 18:17:11 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	92ms 46ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=173945056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=200994522&gjid=1573132984&cid=418707075.1650300070&tid=UA-41574041-1&_gid=1658912181.1650300070&_r=1&gtm=2ou4d0&z=1907736917 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.techtimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	83ms 38ms	Image image/gif	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=173945056&t=event&_s=2&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=418707075.1650300070&tid=UA-41574041-1&_gid=1658912181.1650300070&gtm=2ou4d0&cd1=Raphel%20Barnachia&cd2=News&cd3=Tech&cd4=article&cd5=&cd6=274335&z=2038831448 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 15:03:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 5868 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ reporting.powerad.ai/	2 B 272 B	291ms 96ms	Ping text/plain	54.234.151.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://reporting.powerad.ai/ Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-234-151-247.compute-1.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Apr 2022 16:41:10 GMT server nginx/1.14.0 (Ubuntu) x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers * content-length 2
GET H2	200	detect-aau Show response powerad.ai/	2 B 214 B	289ms 96ms	Fetch text/plain	18.211.226.152 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://powerad.ai/detect-aau?ch=2 Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-226-152.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT server nginx/1.10.3 (Ubuntu) x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers * content-length 2
GET H2	200	detect-aau Show response powerad.ai/	2 B 214 B	289ms 95ms	Fetch text/plain	18.211.226.152 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://powerad.ai/detect-aau?ch=1 Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-226-152.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT server nginx/1.10.3 (Ubuntu) x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers * content-length 2
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 25D4	178 KB 58 KB	69ms 19ms	Script text/javascript	104.102.28.254 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-28-254.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip last-modified Tue, 02 Nov 2021 19:14:10 GMT server Apache/2.2.15 (CentOS) etag "10a1110-2c888-5cfd3192c4545" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control public, max-age=141076 accept-ranges bytes content-type text/javascript content-length 58379 expires Wed, 20 Apr 2022 07:52:26 GMT
GET H2	200	pbjs_wrapper.v1.1.js Show response hb.brainlyads.com/ Frame DD1D	38 KB 12 KB	307ms 100ms	Script application/javascript	23.20.158.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hb.brainlyads.com/pbjs_wrapper.v1.1.js Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-20-158-212.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 7852ee64c59c579042dca0b1136eae6d5f044e5e6c17323d9a091d23e51294b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip last-modified Wed, 06 Apr 2022 09:08:13 GMT server nginx/1.18.0 (Ubuntu) etag W/"624d587d-96aa" vary Accept-Encoding content-type application/javascript cache-control max-age=172800 strict-transport-security max-age=31536000; includeSubDomains; preload expires Wed, 20 Apr 2022 16:41:10 GMT
GET H2	200	pbjs_wrapper.v2.0.js Show response hb.brainlyads.com/ Frame 19B0	44 KB 13 KB	400ms 197ms	Script application/javascript	23.20.158.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hb.brainlyads.com/pbjs_wrapper.v2.0.js Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-20-158-212.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 6837ee5bbfe3f66ce807e7273d8c022f1e3e64cae80fb2172b1a28ec2758086c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip last-modified Mon, 28 Mar 2022 15:20:39 GMT server nginx/1.18.0 (Ubuntu) etag W/"6241d247-b053" vary Accept-Encoding content-type application/javascript cache-control max-age=172800 strict-transport-security max-age=31536000; includeSubDomains; preload expires Wed, 20 Apr 2022 16:41:10 GMT
GET H2	200	/ Show response powerad.ai/pubPls/	17 KB 3 KB	103ms 103ms	XHR text/html	18.211.226.152 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-226-152.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Express Resource Hash 4994ee56e5bc27636d5757b2f566a11a4e293ae290b78426175a5c556a3257f4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) x-powered-by Express etag W/"440e-vtMm6S5TQpirM7j9Wpf0JFHAE9w" vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin https://www.techtimes.com access-control-allow-credentials true access-control-allow-headers *
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	137ms 49ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.techtimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	136ms 48ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.techtimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	367 KB 68 KB	722ms 681ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3509892383777315&correlator=1660115569909322&eid=31063377%2C21068767%2C31065642%2C31065787%2C31060032&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=21697271410%2Ctechtimes%2Cpersonaltech%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C400x300%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%7C300x600%7C160x600%2C728x90%2C1x1%2C1x1&ifi=1&adks=1577784758%2C3836433192%2C2595408385%2C3351343851%2C1583772871%2C1492474528%2C1492474529&sfv=1-0-38&ecs=20220418&ists=3&fsapi=false&prev_scp=pos%3Dtop%7Cpos%3Dright1%7Cpos%3Dright2%7Cpos%3Dright3%7Cpos%3Dbottom%7Cpos%3Doop1%7Cpos%3Doop2&eri=1&cust_params=article_id%3D274335%26NoPassAN%3DN&sc=1&cookie_enabled=1&abxe=1&dt=1650300070491&lmt=1650300070&dlt=1650300069770&idt=691&biw=1600&bih=1200&adxs=315%2C1032%2C-9%2C-9%2C-9%2C0%2C165&adys=130%2C362%2C-9%2C-9%2C-9%2C4554%2C3778&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&frm=20&vis=1&scr_x=0&scr_y=0&psz=1270x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&msz=970x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&fws=0%2C0%2C2%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=418707075.1650300070&ga_sid=1650300070&ga_hid=173945056&ga_fc=true&btvi=0%7C0%7C-1%7C-1%7C-1%7C1%7C2&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b7fea536add509ff63751de4dbc7ab997df411f07167914c21c827160b310f54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69429 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1,-1,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-1,-1,-1,-1,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.techtimes.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 85a2ecc1302f8b7a8b966cfd378d689a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1508	6 KB 4 KB	167ms 44ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://85a2ecc1302f8b7a8b966cfd378d689a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techtimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 18 Apr 2022 16:41:10 GMT expires Tue, 18 Apr 2023 16:41:10 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	57ms 18ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41574041-1&cid=418707075.1650300070&jid=200994522&gjid=1573132984&_gid=1658912181.1650300070&_u=4GBAAUAAAAAAAC~&z=1571817238 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 18 Apr 2022 16:41:10 GMT content-type text/plain access-control-allow-origin https://www.techtimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	response.json Show response script.anura.io/	80 B 429 B	210ms 171ms	XHR application/json	3.10.25.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/response.json Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1754899507438&callback=_anuraResFun&912362964487 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.10.25.26 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-10-25-26.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash f27a815e5f1fb7d7bd5da1bad23bd5ef3c3bb4249c154c9e38734427151ab3b3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H2	200	Hc6PdfQeAi.js Show response pixel.zprk.io/v5/pixeljs/	3 KB 3 KB	516ms 165ms	Script text/plain	18.136.115.17 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1 Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.136.115.17 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-136-115-17.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT access-control-allow-credentials true access-control-allow-headers Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers content-length 2753 access-control-max-age 3600 access-control-allow-methods POST, GET, DELETE, PUT content-type text/plain;charset=UTF-8
GET H3	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	98ms 51ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-167135943-23 Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dae027d014879700323337e31b22eec7b2472fe7a95b806a6c45efa82e2cf304 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38561 x-xss-protection 0 last-modified Mon, 18 Apr 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Apr 2022 16:41:10 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	102ms 55ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-167135943-23&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 75c1f98f7ca90245873a61f1b4546df63c0f72855f5fd2be0ec9e323c3c5210b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38570 x-xss-protection 0 last-modified Mon, 18 Apr 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Apr 2022 16:41:10 GMT
GET H2	200	251 Show response a.ad.gt/api/v1/u/matches/	3 KB 4 KB	536ms 185ms	Script application/javascript	35.84.228.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref= Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.84.228.30 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-84-228-30.us-west-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 649ab18611f8698a5ab100cdad2cbfab7bf1c27307e6eb8824cee2602df799d2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-origin * date Mon, 18 Apr 2022 16:41:11 GMT cross-origin-resource-policy cross-origin server nginx/1.18.0 content-length 3205 content-type application/javascript
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	262ms 177ms	Image image/gif	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=418707075.1650300070&jid=200994522&_u=4GBAAUAAAAAAAC~&z=1879491040 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	162ms 75ms	Image image/gif	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=418707075.1650300070&jid=200994522&_u=4GBAAUAAAAAAAC~&z=1879491040 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	prebid.js Show response hb.brainlyads.com/ Frame 25D4	562 KB 167 KB	276ms 199ms	Script application/javascript	23.20.158.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hb.brainlyads.com/prebid.js Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-20-158-212.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash fbf61190d1dead1c640200707864416b7c7a73fffd52061f62909740490c5561 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding gzip last-modified Mon, 11 Apr 2022 10:40:26 GMT server nginx/1.18.0 (Ubuntu) etag W/"6254059a-8c65b" vary Accept-Encoding content-type application/javascript cache-control max-age=172800 strict-transport-security max-age=31536000; includeSubDomains; preload expires Wed, 20 Apr 2022 16:41:10 GMT
GET H2	200	/ Show response c.mgid.com/pv/	0 36 B	148ms 138ms	Script text/plain	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?pv=5&cbuster=1650300070721988042468&uniqId=0e3cc&childs=1121456&lct=1649980800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&sessionId=625d94a7-0b691&pageView=1&pvid=1803d8cab42876cc3d4&site=703692&implVersion=11&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6fded8b21d699bcb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	47ms 47ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=173945056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=2101877513&gjid=1122729780&cid=418707075.1650300070&tid=UA-167135943-23&_gid=1658912181.1650300070&_r=1&gtm=2ou4d0&z=1412633721 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.techtimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	mgid_ua.svg cdn.mgid.com/images/mgid/	2 KB 1 KB	53ms 24ms	Image image/svg+xml	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br cf-cache-status HIT age 6811 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id DJP53ZYSPQZJQ8M6 x-amz-id-2 ysHw1O6duzB7ZE1fUAv4y9Avt3WRc5vfuKOPpRCQKby6eE/YhpiU200FHeVTjX2acfJ3jWdXzDY= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6fded8b26e109bcb-FRA expires Tue, 19 Apr 2022 16:41:10 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 815 B	53ms 24ms	Image image/svg+xml	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br cf-cache-status HIT age 6814 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id DJPBH701XZ5SZMB2 x-amz-id-2 r0xdGP+VYTQiGwsdQATEKsfbNDNmDD4jh/k2Rvm1N+DGE0SGmfJZSmDceV8zIHMnYvYLfPZp5k8= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6fded8b26e0e9bcb-FRA expires Tue, 19 Apr 2022 16:41:10 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	1 B 22 B	38ms 18ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-167135943-23&cid=418707075.1650300070&jid=2101877513&gjid=1122729780&_gid=1658912181.1650300070&_u=6GDAAUABAAAAAC~&z=29583485 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 18 Apr 2022 16:41:10 GMT content-type text/plain access-control-allow-origin https://www.techtimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response servicer.mgid.com/1119383/	12 KB 4 KB	54ms 46ms	Script application/x-javascript	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1119383/1?pv=5&cbuster=1650300070812372058683&uniqId=0e3cc&childs=1121456&lct=1649980800&niet=4g&nisd=false&jsv=es6&w=836&h=5756&maxw_7=336&maxh_7=370&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&sessionId=625d94a7-0b691&pageView=1&pvid=1803d8cab42876cc3d4&implVersion=11&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc7be12e01322cd79804601208a18c7f817904ff692bb6736cc65ddbed9d05c5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cf-ray 6fded8b2beb29bcb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvMTUyZTRhOTZlZmFhNjJjZ... s-img.mgid.com/g/11533473/680x385/-/	118 KB 118 KB	77ms 32ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533473/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvMTUyZTRhOTZlZmFhNjJjZmJjZDJlYjQzOTIzM2Q5MmEuanBlZw.webp?v=1650300070-pXg6Da9A7Epzp1aZzZ4_-hKKqIK79RXkpvRPUK3ZNvo Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f4155e5de3dfb0c54213be924f2ccf1bdec9989c01af3fd3e6b7104b73f043e Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Wed, 01 Dec 2021 12:37:27 GMT x-mg-request-uuid 37a67389-e2bd-427b-8946-e8bb7d9d6517 age 1236366 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fd95b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 120624 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzNkNzE5MzI2Y2FhZjA4NTQ0YmVlM2JlMDQ4NDYwOGIxLmpwZWc.webp s-img.mgid.com/g/10881030/680x385/44x0x1078x718/	15 KB 16 KB	92ms 47ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/10881030/680x385/44x0x1078x718/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzNkNzE5MzI2Y2FhZjA4NTQ0YmVlM2JlMDQ4NDYwOGIxLmpwZWc.webp?v=1650300070-k8OzDpvN2Rqtfv_c8cTZQvhyCGfEKfwy1Oa_P9Dp7W0 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7daf9dad4ef634cfe05e66ef899b84742680f611025d00b823a2348d4a45135 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 16:01:28 GMT x-mg-request-uuid a7edd1eb-a336-4958-89cb-f42349c21a73 age 1237753 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fda5b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15606 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDhmNjA4Y2U2YWQ4ODM3M... s-img.mgid.com/g/12578242/680x385/-/	20 KB 21 KB	92ms 47ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12578242/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDhmNjA4Y2U2YWQ4ODM3MWQyMzdhOTA3YTdlMzI3NTQuanBlZw.webp?v=1650300070-8Sw3gUioYaMHOxJTvvTZG6n8-EYSDm0xa-K4JJL_k8k Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a62a429e60b3fe49b2b2bf47ce6d7917c9709f2f57bf0be5689fd0c281fbed9 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Tue, 29 Mar 2022 07:02:08 GMT x-mg-request-uuid 14c8a1e8-8b17-4a0d-b9d0-9cf8d481b4fc age 1238002 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fdb5b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20746 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc.webp s-img.mgid.com/g/3931461/680x385/0x65x546x364/	16 KB 17 KB	91ms 46ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3931461/680x385/0x65x546x364/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc.webp?v=1650300070-Eqgk_0VuybRcKW33Z50rhIPkMjGH8AAmZT4GIoWBhkY Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a9a6a9fee165a1a811a34ae3488817de9f3991e7fa5c2f7a970873f91499951 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 16:39:35 GMT x-mg-request-uuid ea9c013f-3e1f-4b5a-a658-4fed87b3b19c age 383956 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fdd5b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16776 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2QyNzY3OGZkNDVjOGJjMGU3MjhiMTQwZTkxZmE3NjQwLmpwZWc.webp s-img.mgid.com/g/5523136/680x385/87x0x866x577/	19 KB 19 KB	92ms 47ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/5523136/680x385/87x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2QyNzY3OGZkNDVjOGJjMGU3MjhiMTQwZTkxZmE3NjQwLmpwZWc.webp?v=1650300070-oGHaSDI8T5b0XS5WKpZjo-dTmQTDgw0yjhkSWbecB8Y Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ea20647445a59ae7c2c142a5565947b06af167e5d6c5f3d82825a866dcbd3c2 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 16:24:30 GMT x-mg-request-uuid 3c62cc90-57c9-4b9b-a211-4786e2ffc2b5 age 1236476 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fde5b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19124 server cloudflare
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvMDBmOGU3ZGI5NmRiMTlkY... s-img.mgid.com/g/11533487/680x385/-/	26 KB 27 KB	91ms 46ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11533487/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvMDBmOGU3ZGI5NmRiMTlkYjZjNWNhNGEyMzQyNzg1NzguanBlZw.webp?v=1650300070-av2IODJwX9aHYIbvl_A-KqmLQy-hOkBIrIbRdBOBFjI Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b424c1dac6945532c3e99a54e251ae61659656724b6d95bc261b1a003bc0574 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:10 GMT cf-cache-status HIT last-modified Wed, 01 Dec 2021 12:44:12 GMT x-mg-request-uuid cb52a949-5fcf-4348-aa9d-386dcbbaa18f age 378109 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b35fdf5b9e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26816 server cloudflare
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3N... s-img.mgid.com/g/12578218/680x385/-/	3 MB 3 MB	102ms 82ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12578218/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3Nzg5MTIwNTcxM2YyZGVhNTQyOGVlNTIyMC5naWY.gif?v=1650300070-WuOHGBfQMO-4kEXHQiUDbqACTiReO9cN4b4OXFdyqDo Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be47c703720c7c58f80bf795bc248ac9654ec15b87d380ae0fb75a1f9080848f Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT x-mg-request-uuid 0b544e36-491d-47e7-9b6c-82810c712b9c age 1237676 cf-polished status=not_needed alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2718045 last-modified Tue, 29 Mar 2022 06:39:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d8559a41-FRA cf-bgj imgq:100,h2pri
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZ... s-img.mgid.com/g/11739852/680x385/-/	23 KB 23 KB	223ms 204ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/11739852/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmM2MTFlODU0ODQ3Njc1Yjk3MzM3MDdiMGQ4MjQwMy5qcGVn.webp?v=1650300070-vevcU8a81UpMvucWWjjcJV15uGQ4Z-0teApwFKauAQA Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c6f412d11b2a23a175df79464f756ce16e9013340a96203b3c6521a2557f518 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Tue, 21 Dec 2021 19:52:33 GMT x-mg-request-uuid 150393cc-7d7d-4dd4-b07b-687e7b02f865 age 378401 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d85a9a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23334 server cloudflare
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMzIzMGIyODEzN2RkMTNkN... s-img.mgid.com/g/12578249/680x385/-/	19 KB 19 KB	70ms 51ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12578249/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMzIzMGIyODEzN2RkMTNkNjIxNzk3MGNjNTZkN2M0M2YuanBlZw.webp?v=1650300070-kSXFE5ojPeEeYgs0eFjhV7KTDNqHDgjKxP2aE6QX7EA Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7db71fd704549d0d9cdff51546ef5f3c23f6a45b9b066d3f984c98c533787afc Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Tue, 29 Mar 2022 07:10:41 GMT x-mg-request-uuid 7888814d-1637-49e1-8469-5d5dc59b874e age 1238024 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d85b9a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19388 server cloudflare
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMGYwMWQyMmVlMTUwOTJhO... s-img.mgid.com/g/12581119/680x385/-/	52 KB 52 KB	57ms 38ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12581119/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMGYwMWQyMmVlMTUwOTJhOGFiMjM2NTBjMmY2NWJhNmIuanBlZw.webp?v=1650300070-zx4wVdn_Lw0hLA4gD3_rsXq0Gu8bbRhT-yNxnPptlow Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e929e4d60632fd191bd9efe3302d8423178a8015e1c786d4fad97073340e6db1 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Tue, 29 Mar 2022 09:57:30 GMT x-mg-request-uuid dc11b82d-a575-4d7e-9700-4131ae257965 age 155123 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d85c9a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 53068 server cloudflare
GET H3	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp s-img.mgid.com/g/3805658/680x385/0x0x902x601/	51 KB 52 KB	245ms 226ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3805658/680x385/0x0x902x601/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp?v=1650300070-cG-og71vXuUy0LWo_3LH8ovHwyMd-WhDQoiSEuLPpOk Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23b5e205ea1f5ea78524728dc1f414f2711d63dea7cbf24e1072be9551130f85 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 16:03:25 GMT x-mg-request-uuid 1d94dc80-ea3b-4a99-a1ec-b52f875ab27f age 1237871 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d8609a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 52676 server cloudflare
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iNTNmNjZkN... s-img.mgid.com/g/12578188/680x385/-/	646 KB 647 KB	86ms 67ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12578188/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iNTNmNjZkNjU0YWFkZDRmMDVlODFjZTg4ZDNlYTFiNS5naWY.gif?v=1650300070-jzxAzJb7aHBEYec0eRaye7dVXXFnN9ysGtspgM_hAfw Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc7c11be9132c73c86b0a3711f94b189618e2208b2d39d9ae40afc293376ad9a Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT x-mg-request-uuid 38dc8a7a-24aa-4ce3-be43-bccc8ac7bfd8 age 1237591 cf-polished status=not_needed alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 661496 last-modified Tue, 29 Mar 2022 06:39:42 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d85f9a41-FRA cf-bgj imgq:100,h2pri
GET H3	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA5LzEwMTkyNC82YWZmZjRhN2ZhZmIxZjZkYmVkNDBlN2YyOGM3ZjczOS5qcGc.webp s-img.mgid.com/g/12578225/680x385/0x115x2000x1333/	34 KB 35 KB	56ms 37ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12578225/680x385/0x115x2000x1333/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA5LzEwMTkyNC82YWZmZjRhN2ZhZmIxZjZkYmVkNDBlN2YyOGM3ZjczOS5qcGc.webp?v=1650300070-JLeo5jq7ghRDyNiUe5nDqlDMrjC_hisgquD4pi5sItg Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7644987dd287bf034cc37b0a7228e80c5b5d18847e7a2da0f2d17dbdfc48085 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Tue, 29 Mar 2022 08:56:11 GMT x-mg-request-uuid 8f20c871-0f84-4394-9eb2-b6188a1eaff1 age 1237876 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d8619a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35172 server cloudflare
GET H3	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp s-img.mgid.com/g/8193529/680x385/0x12x597x398/	12 KB 13 KB	247ms 228ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193529/680x385/0x12x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1650300070-is_pCv_Epk08uWfW7YpLUjT67NM-Dza4kXn3OP6cDAc Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7df37952f1ae145921b6eec313b3d11b9d3f9b41583750355d7c5182b216ee3 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 16:07:43 GMT x-mg-request-uuid c62bedd6-c283-43d8-b6bd-a279d54f071d age 1237281 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d8639a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12534 server cloudflare
GET H3	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDcxLHlfMTMxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iMzIxM... s-img.mgid.com/g/12581075/680x385/-/	25 KB 25 KB	42ms 23ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/12581075/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDcxLHlfMTMxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iMzIxMDM4OTI2ODRlZTFhMzEzYTRmMzg1OWZjMTJjNS5qcGVn.webp?v=1650300070-f3l4uas4zH_Uo_PYIiEgcZP5i7WNl9C9rS4HDUIOhAQ Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31383fa78da34e247b6838cd08489fb02f9e15923656ea8e8867f960eafb49e5 Request headers Referer https://www.techtimes.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status HIT last-modified Tue, 29 Mar 2022 10:11:07 GMT x-mg-request-uuid 4a7ee1f7-7708-46db-8619-c6bbe0f27f9b age 658282 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6fded8b3d85d9a41-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 25320 server cloudflare
GET H2	200	i.js Show response cm.mgid.com/	0 125 B	119ms 108ms	Script application/javascript	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1650300070914999736035 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 6fded8b348099bcb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame A049	0 38 B	122ms 121ms	Script application/javascript	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1650300070930510138647 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 6fded8b3b8db9bcb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	haloid Show response id.halo.ad.gt/api/v1/	6 KB 3 KB	536ms 170ms	Script text/javascript	35.85.185.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.halo.ad.gt/api/v1/haloid Requested by Host: a.ad.gt URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-85-185-37.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT content-encoding gzip origin-trial server nginx/1.20.0 content-type text/javascript; charset=UTF-8
GET H2	200	251 Show response p.ad.gt/api/v1/p/	26 KB 8 KB	535ms 175ms	Script application/javascript	34.213.88.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.ad.gt/api/v1/p/251 Requested by Host: a.ad.gt URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.213.88.197 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-213-88-197.us-west-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 9d6d1d907a02a5efc58c3730cf1abb56714427921566cf6a322d9ab77a3239bb Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT content-encoding gzip last-modified Fri, 15 Apr 2022 13:40:06 GMT server nginx/1.18.0 etag W/"1650030006.0-27076-2710964840" content-type application/javascript access-control-allow-origin * cache-control public, max-age=43200 expires Tue, 19 Apr 2022 04:41:11 GMT
GET H2	200	match ids.ad.gt/api/v1/ Redirect Chain https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=$UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8%26adnxs_id%3D%24UID https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=8651163547569705237	43 B 469 B	427ms 170ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=8651163547569705237 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT Redirect headers Pragma no-cache Date Mon, 18 Apr 2022 16:41:11 GMT X-Proxy-Origin 185.213.155.169; 185.213.155.169; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com AN-X-Request-Uuid 62a79513-6bda-4aff-91a9-dd1ba9d52be6 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ids.ad.gt/api/v1/match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&adnxs_id=8651163547569705237 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	t_match ids.ad.gt/api/v1/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://ids.ad.gt/api/v1/t_match?tdid=d3f407c3-e210-41a9-9c7c-51bcc9bea0f6&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8	43 B 465 B	534ms 332ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/t_match?tdid=d3f407c3-e210-41a9-9c7c-51bcc9bea0f6&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT Redirect headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ids.ad.gt/api/v1/t_match?tdid=d3f407c3-e210-41a9-9c7c-51bcc9bea0f6&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 cache-control private,no-cache, must-revalidate content-type text/html content-length 259
GET H2	200	pbm_match ids.ad.gt/api/v1/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://ids.ad.gt/api/v1/pbm_match?pbm=DCE445A5-D80E-4068-9363-956F31BE8A1D&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8	43 B 466 B	211ms 170ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/pbm_match?pbm=DCE445A5-D80E-4068-9363-956F31BE8A1D&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT Redirect headers location https://ids.ad.gt/api/v1/pbm_match?pbm=DCE445A5-D80E-4068-9363-956F31BE8A1D&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 date Mon, 18 Apr 2022 16:41:10 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	g_match ids.ad.gt/api/v1/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_tc= https://ids.ad.gt/api/v1/g_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_gid=CAESEKwoncT3j0gh0RzAp9YuUwM&google_cver=1&google_ula=450542624,0	43 B 466 B	306ms 169ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/g_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_gid=CAESEKwoncT3j0gh0RzAp9YuUwM&google_cver=1&google_ula=450542624,0 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT Redirect headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ids.ad.gt/api/v1/g_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&google_gid=CAESEKwoncT3j0gh0RzAp9YuUwM&google_cver=1&google_ula=450542624,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 357 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Redirect Chain https://ids.ad.gt/api/v1/g_hosted?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=OTRlYTc4YTUtOWVjYy00YWI1LWJjYzktNDZjZDFlMjM0NGU4	170 B 188 B	42ms 42ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=OTRlYTc4YTUtOWVjYy00YWI1LWJjYzktNDZjZDFlMjM0NGU4 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=OTRlYTc4YTUtOWVjYy00YWI1LWJjYzktNDZjZDFlMjM0NGU4 date Mon, 18 Apr 2022 16:41:11 GMT server nginx/1.20.0 content-length 473 content-type text/html; charset=utf-8
GET H2	200	cm u.openx.net/w/1.0/	43 B 305 B	102ms 28ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8%26auid%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/18.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:11 GMT content-encoding gzip server OXGW/18.0.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" via 1.1 google cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	getuid sync.smartadserver.com/ Redirect Chain https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8%26sas_uid%3D%5bsas_uid%5d https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&sas_uid=[sas_uid]&cklb=1	0 75 B	16ms 16ms	Image text/plain	185.86.137.131 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&sas_uid=[sas_uid]&cklb=1 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol HTTP/1.1 Server 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT content-length 0 Redirect headers location https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&sas_uid=[sas_uid]&cklb=1 pragma no-cache date Mon, 18 Apr 2022 16:41:10 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	mediamath_match ids.ad.gt/api/v1/ Redirect Chain https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 https://ids.ad.gt/api/v1/mediamath_match?user_id=4092625d-94a7-4400-a1a5-87272f53477f&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8	43 B 377 B	170ms 170ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/mediamath_match?user_id=4092625d-94a7-4400-a1a5-87272f53477f&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT Redirect headers Date Mon, 18 Apr 2022 16:41:11 GMT Server MT3 4335 2c68c00 master ord-pixel-x1 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ids.ad.gt/api/v1/mediamath_match?user_id=4092625d-94a7-4400-a1a5-87272f53477f&id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Mon, 18 Apr 2022 16:41:10 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012203150226000/ Frame 8CB3	222 KB 62 KB	161ms 40ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62084 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "fa1474a6dd6481f4" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8CB3	16 KB 6 KB	261ms 141ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d91e62368f79b48d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8CB3	96 KB 29 KB	148ms 143ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29618 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9a9baa9802fa29d2" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8CB3	5 KB 2 KB	146ms 145ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1900 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3393210d007db9ca" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8CB3	42 KB 13 KB	147ms 146ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13669 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "565eca32a909292d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H3	200	css fonts.googleapis.com/ Frame 8CB3	8 KB 892 B	97ms 48ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 18 Apr 2022 15:24:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 18 Apr 2022 16:41:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 18 Apr 2022 16:41:11 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8CB3	2 KB 3 KB	96ms 42ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 09:41:38 GMT x-content-type-options nosniff server cafe age 25173 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Tue, 19 Apr 2022 09:41:38 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8CB3	295 B 353 B	93ms 40ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 09:53:05 GMT x-content-type-options nosniff server cafe age 24486 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Tue, 19 Apr 2022 09:53:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8CB3	0 0	91ms 44ms	Image text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSj9Q1h75r4nV4rWDWAdZmIF02rtIEaiYZ_qcP5hKMt-SRhFaZr3JyaLmudy3tD6IANxcW2 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 8CB3	0 0	78ms 76ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Cex3JppRdYqWfJJa_3gO_sJPQBYfA7Npp69yry9QP__WQ49cCEAEg3vWGhAFgleKQgqAHoAGr1bS7AsgBCeACAKgDAcgDCqoExwJP0BHdh1pDbGMul7S_eLJeoQS8OfBhrzn2Ugk51IakJ-VgGYadztwcaHn4BgZ32vQnjgm-cK1u6rXtLMVPB6gFY_NnJNKkLPQa18E01HIsxYKc9fUHSaOjCk-v5VPeYFs5NvMrArvaq25UyipTnVN5DENB3zJp8dwnrLLUd5c_i5cF0lufXx8dxKgcWzn6lb2osliVXjOgPZsvS6hv4xWLhCChu9W-VK0pgH3O-faGcuHg4Uuo3LQSJNUhIBDh35841sgC4zEgzWTi9h4rlMGiUxK1ib663WH0b4m6yCM1zbJCbFneZHSxGhesLRnBOlFYJxxwRqo1xfHr3o-hnLK_BRm2lnXmOA3T0DkHed92eExuLr2_ZNFeB5LBzUCsFNcR436Jz1LM8WvXV_Yj66TvvocWBLcnfh1F3nB8S5cui2k1RCFwea7ABO20p5W1A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELzcPtIICQiI4YBwEAEYHYAKA8gLAbgTiCfYEwzQFQGAFwGyFx4KHAgAEhRwdWItNDk3MTk0OTQwMzYwMjUwORi-lWw&sigh=EZp7naV0bUo&uach_m=[UACH]&cid=CAQSLgCNIrLMgrx49rnKMl8jsm7-q1VyvxUmIYZd9RgPY5WTt_Q-o69okxHIu44XNsIYAQ&template_id=5000 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012203150226000/ Frame 8BC4	222 KB 61 KB	157ms 83ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62084 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "fa1474a6dd6481f4" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8BC4	16 KB 6 KB	150ms 149ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d91e62368f79b48d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8BC4	96 KB 29 KB	152ms 151ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29618 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9a9baa9802fa29d2" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8BC4	5 KB 2 KB	159ms 159ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1900 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3393210d007db9ca" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8BC4	42 KB 13 KB	160ms 160ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 191942 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13669 x-xss-protection 0 server sffe date Sat, 16 Apr 2022 11:22:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "565eca32a909292d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 16 Apr 2023 11:22:09 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BC4	2 KB 3 KB	123ms 40ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 09:41:38 GMT x-content-type-options nosniff server cafe age 25173 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Tue, 19 Apr 2022 09:41:38 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BC4	295 B 757 B	122ms 39ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 09:53:05 GMT x-content-type-options nosniff server cafe age 24486 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Tue, 19 Apr 2022 09:53:05 GMT
GET DATA	200 OK	truncated / Frame 8BC4	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb40da2c58897d2512c5762fc08913e06774179602f8d71ff627fa7ea96d4b77 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H2	200	1308135214687776906 tpc.googlesyndication.com/simgad/ Frame 8BC4	93 KB 93 KB	171ms 88ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1308135214687776906?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlmM_0exsJMlXeshY5-IkuYKn7gBA Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1438e4730c018c9118a8c7860200a321ccd5b0c6e637c08367859dbe8aaff729 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 21:04:37 GMT x-content-type-options nosniff age 329794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95149 x-xss-protection 0 last-modified Tue, 01 Mar 2022 13:38:43 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 14 Apr 2023 21:04:37 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8BC4	0 0	44ms 44ms	Image text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMiCloUumosdLYKqdNFSM2gjWzqFEfIEYvm2ilIzOEz-OxVCNnn4AN2Y_WIF-pQe5Dn834 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 8BC4	0 0	78ms 78ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CTOzjppRdYqafJJa_3gO_sJPQBb3K-Mxpy8ehvuIP2tkeEAEg3vWGhAFgleKQgqAHoAHGwf6TA8gBAuACAKgDAcgDCKoEyQJP0PV9BnL-ID0NsvyebHezB-wOHMYMopNNvpJdWxQGAq-qWKpNdf97qtfq2VGVNzpj7nk1nZnTy1vMArzehzIaGDLCr2ebrwufRBwf2AZZFKAkYhvv6zWWculhpZuAtNspPaZ0OY03DPGCpcBvzSUEZ9fBmsb3P9wsC908L9caywmSfDAssGmVy5kTgKOpmEnFkJAM9n_dWR6dpWrBcrWwTk10geAFjjWpvjYgOXkf4mNkdkWcseLO6x9CA0R_xnjP631TzGoqBajsJHGOQYcHfR2mRj22EGPs0I90ZcNLaG2qu7Y6sVaQvsB4KF5g5w-TN3NGIeQTp91TZ14Dt-gwE-IcTDO82jMAgZubkwWy4UJfsbZoIr2mApNqnHEkYVcUf0LR1JoyIIt6evQqlKXDa24-dUQDZrmR-SpU91LZ0ceZp4e4MquqwMAEosXH_PID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6K-gWyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDv6jfSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDk3MTk0OTQwMzYwMjUwORi-lWw&sigh=15Xl-7ZTWXA&uach_m=[UACH]&cid=CAQSLgCNIrLMgrx49rnKMl8jsm7-q1VyvxUmIYZd9RgPY5WTt_Q-o69okxHIu44XNsIYAQ Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H2	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/15665637853121602904/ Frame 8CB3	25 KB 26 KB	98ms 44ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15665637853121602904/downsize_200k_v1?w=600&h=314 Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53d7523b92efee725dbc5dd9c6578c9b08a9bbac4d5d9f95ee9ead2db6497956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 00:49:27 GMT x-content-type-options nosniff age 575504 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25984 x-xss-protection 0 last-modified Thu, 10 Mar 2022 20:44:01 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 12 Apr 2023 00:49:27 GMT
GET DATA	200 OK	truncated / Frame 8CB3	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8CB3	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8CB3	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a02fa699d2d70ab20123f4c9fedc23b9df77e330c120adde3f00a46fbdc05151 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v42/ Frame 8CB3	28 KB 28 KB	82ms 37ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.techtimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 22:46:42 GMT x-content-type-options nosniff age 496469 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28328 x-xss-protection 0 last-modified Tue, 01 Mar 2022 21:57:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Apr 2023 22:46:42 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 8BC4 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	201ms 114ms	Image text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Redirect headers date Mon, 18 Apr 2022 16:41:11 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	halo_match ids.ad.gt/api/v1/	43 B 470 B	173ms 173ms	Image image/gif	44.239.49.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/halo_match?id=94ea78a5-9ecc-4ab5-bcc9-46cd1e2344e8&halo_id=02018hqkt607jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.239.49.199 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-239-49-199.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT cache-control public, max-age=43200 server nginx/1.20.0 content-type image/gif expires Tue, 19 Apr 2022 04:41:11 GMT
GET H2	204	getpixels Show response pixels.ad.gt/api/v1/	0 52 B	733ms 182ms	Script text/plain	44.240.45.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixels.ad.gt/api/v1/getpixels?tagger_id=a93fd1fa7ac5c0e4e32ba49169e553c4&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&code=%27none%27 Requested by Host: p.ad.gt URL: https://p.ad.gt/api/v1/p/251 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.45.112 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-45-112.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:12 GMT server nginx/1.20.0
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 26 KB	16ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: p.ad.gt URL: https://p.ad.gt/api/v1/p/251 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug 5Dz+WZlnUFQht8vFFAuTlO3dD5hBi+c5E1HxNn68LegcKOgzhiYrObQOEYP1eiAYaQSPojMBynOlQo+i8bOujw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 18 Apr 2022 16:41:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 763 B	39ms 39ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:04:43 GMT content-encoding gzip x-content-type-options nosniff age 2188 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 18 Apr 2022 17:04:43 GMT
GET H3	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:50:21 GMT content-encoding br x-content-type-options nosniff age 3050 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1129 x-xss-protection 0 last-modified Thu, 30 Dec 2021 12:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 18 Apr 2022 16:50:21 GMT
GET H3	200	1853083501571805 Show response connect.facebook.net/signals/config/	308 KB 88 KB	11ms 10ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1853083501571805?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 348c71eeac55953c593ec776b2402cb357a18bd94259e323977e9928f1c77624 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 90221 x-xss-protection 0 pragma public x-fb-debug oT5PhvHF0DHBYa3LDpdYY1tHVv2ApgjfEo21HzJGi9N3n565VtEh09po3LMH2Y/56cUVsdquiYbUe/lTe/QVcg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 18 Apr 2022 16:41:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	23ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&rl=&if=false&ts=1650300071746&cd[partner_id]=251&cd[tagger_id]=a93fd1fa7ac5c0e4e32ba49169e553c4&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650300071744.1813974430&it=1650300071696&coo=false&tm=1&rqm=GET Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Mon, 18 Apr 2022 16:41:11 GMT
POST H2	200	/ reporting.powerad.ai/	2 B 271 B	98ms 97ms	Ping text/plain	54.234.151.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://reporting.powerad.ai/ Requested by Host: powerad.ai URL: https://powerad.ai/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-234-151-247.compute-1.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.techtimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Apr 2022 16:41:12 GMT server nginx/1.14.0 (Ubuntu) x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers * content-length 2
POST H3	200	/ Show response www.facebook.com/tr/ Frame 59D2	0 18 B	17ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: www.techtimes.com URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.techtimes.com Referer https://www.techtimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.techtimes.com alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Mon, 18 Apr 2022 16:41:12 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	140ms 54ms	XHR application/json	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2367dbe59f98fba3961d5657b4c30f221b55296e349a229b470edb4fe71ec566 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Mon, 18 Apr 2022 16:41:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10664 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	102ms 52ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Apr 2022 16:41:12 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 8CB3	42 B 64 B	123ms 75ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoDFYVIrvA_OLcdFWyhFoDumJig-yeZV1-MwnaRUuKS6IcY--9WYx8dX0H8AQJ4KnPY-HQuTzWtjJlfILSkxZp-ONx1ADF_XDFXJzBmzL97SYFJ0AdBQ&sai=AMfl-YRmONkQOkQ2yVkfE5eeBbIAyDekfcakv8cdpRE6fmTvNYLqeEDMvs8qsS7oxyLmbQQEhpX0Lcsx58a4j53qnP_CjmeaiNCmLiheuAyJbw&sig=Cg0ArKJSzBhwxA_plgeXEAE&cid=CAQSLgCNIrLMgrx49rnKMl8jsm7-q1VyvxUmIYZd9RgPY5WTt_Q-o69okxHIu44XNsIYAQ&id=ampim&o=315,130&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=362&tls=1363&g=100&h=100&tt=1363&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1577784758 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 8BC4	42 B 64 B	120ms 76ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH29QdE-Jo_ANsJegOO9-hnca8lI3-9j-n5iN420UVgSc2i1A7dS8ixlIs9sDWi_0palr5vaxNoyjOEOXNcPSQYkdQwiErZrem8VDUWNTDbc7hiJCvESznTGKD8p9m6qa3EGHbln51Vn5G&sai=AMfl-YRy37n3BqUlx7ypjlgdiEPwVgueIevZwWl7qL85YdwJBaiz65ttpmYUV1dxtuNZ7T2VKh7oTiOBMVbn6MLrU8pVMbIawJWGF5a-OZuiSA&sig=Cg0ArKJSzEuAWClB2aeLEAE&cid=CAQSLgCNIrLMgrx49rnKMl8jsm7-q1VyvxUmIYZd9RgPY5WTt_Q-o69okxHIu44XNsIYAQ&id=ampim&o=1083,577&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=320&tls=1324&g=100&h=100&tt=1324&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3836433192 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 18 Apr 2022 16:41:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 381D	13 KB 5 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techtimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3589 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 18 Apr 2022 15:41:23 GMT expires Tue, 18 Apr 2023 15:41:23 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 7094	783 B 536 B	46ms 46ms	Document text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e02bf452a42b34003ebc86d188d5513f4f3af57b8ad0f062f26f4976789463a8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-K31tyruq3fOhgDVNR5jIBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.techtimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-K31tyruq3fOhgDVNR5jIBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 18 Apr 2022 16:41:12 GMT expires Mon, 18 Apr 2022 16:41:12 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 7094	0 0	88ms 88ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=3509892383777315&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response pagead2.googlesyndication.com/bg/ Frame 381D	35 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 17 Apr 2022 21:02:46 GMT content-encoding br x-content-type-options nosniff age 70706 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13566 x-xss-protection 0 last-modified Mon, 11 Apr 2022 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 17 Apr 2023 21:02:46 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 381D	0 9 B	39ms 39ms	Image text/plain	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?1O2sPg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 16:41:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	91ms 91ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=3509892383777315&bg=!6-il6KzNAAZvJBiFTyQ7ACkAdvg8WuviE6IZ67PeipHHnaxpa6E_h86xo9jVBiXJGvBfJbUmXPUMOQIAAABIUgAAAANoAQcKADWbKhZZIpVQhY62gul07jBK2cYl2cV1WFGi_vflec83ADkNC9Gv1uALJV34DJswStxd7OiscZkCtTbMKPdgFVeSOtX7kd2l12f7Fx9BWb8Pk564FygAJYpYEsjgxD-o0qdKM0fqTSgIZwyX_McBub2QMyIwccrqtfTGBaBKedn88lQFFTjnnqWCMSmhO5Ypem_E6qFzXR7HvrBHbxYDphmxxQKrdbHOZ3A1nYkBokaQa3HGexJh3se7W6btLE458bHrgAnyvg-vbC_x4biiJZOQKWpvoP9S8cPjUhupSj1ObGs4_yj95TusWGqxO3mm_KETBsqZikY7debICHcRCELth-39gRjyGKhsJPuoGvE1lnl3r65VIO9EfMXpjzvibF6QHInBbkW-bIzI2kKIoWEpqGMevXwXmGq70Od2otzoNKggxjVjcU9wK0QabdHnIyFtoSIORlL56daK2k51etmFzdQWd6WibfwlGo0ZfC4hAzB6Ddw_zSUcKwwxtGvcp2nF18WKLOGX7SjqDVvHSNU9qgUf5QdbGBoUYavvsXundJY56gAZP2gIcc273Z3XsP-qQmnWsMo91lkOwbmx8i1Q--cmVLUm-ObOaS6zf3QjVgpL8d_zBjLAqa9D06FzrxV-5Tw_Evlr5NCfWTIesrVPcoRBtjqTr9oi7FGg4RDQrB-s8IcmTQ3_1IPNLSXgWe9Jo5HiwO_cB3H5oS8jJSCPeA3oluxhsSJS_64UHlohfd8Inl2SfgBDCGnEKSWck_FOZCqG1t-a9SPglQtdTuCYdvi3ASoSs9zzsy7RdltbqV_ZiJG5cDZsjESysMBgOeI6oK6TlQwjgK7ao39SjyhWT-HX12xfqn0pw7PhnbFt1ouyui-NvG4vyAiMaNzgEoaLnkPF2r4-_tjlU6TPI_gPPU2GYS7d6dRotMIbqVKk9uA5NSx8mjgHwbaC0FW9GpEg1QUNQ1Cm5NygSFE3YODrJgsn6KsLUF4MZ4tnvA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.techtimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers