www.redpacketsecurity.com Open in urlscan Pro
2606:4700:20::681a:25b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Submission: On June 12 via manual (June 12th 2023, 2:38:05 am UTC) from JP — Scanned from JP

Summary HTTP 175 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 33 domains to perform 175 HTTP transactions. The main IP is 2606:4700:20::681a:25b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.redpacketsecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time www.redpacketsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 54	2606:4700:20:... 2606:4700:20::681a:25b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2404:6800:400... 2404:6800:400a:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c13::9c	15169 (GOOGLE) (GOOGLE)
1 1	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
2 20	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
5 10	2404:6800:400... 2404:6800:4004:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::2002	15169 (GOOGLE) (GOOGLE)
24	2404:6800:400... 2404:6800:4004:80a::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:80b::200a	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.42.131 142.251.42.131	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
2 4	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
4 32	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
4 4	2a02:fa8:c411... 2a02:fa8:c411:13::1370	399104 (CNVR-APAC) (CNVR-APAC)
1 1	2406:da18:929... 2406:da18:929:5a00:c7e5:65ae:2a43:109e	16509 (AMAZON-02) (AMAZON-02)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	34.237.252.80 34.237.252.80	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	18.182.248.191 18.182.248.191	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.203.31 172.105.203.31	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	43.207.13.63 43.207.13.63	16509 (AMAZON-02) (AMAZON-02)
1 1	44.198.110.80 44.198.110.80	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.45.61.118 23.45.61.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2404:6800:400... 2404:6800:400a:805::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	23.10.15.149 23.10.15.149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	150.95.47.241 150.95.47.241	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	142.250.199.114 142.250.199.114	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80f::2012	15169 (GOOGLE) (GOOGLE)
175	22

54 2606:4700:20::681a:25b (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.redpacketsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:400a:80e::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c13::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.26.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:820::2002 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:80a::2004 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2404:6800:4004:80a::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80b::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.131 (East White Plains, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net

p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:df2:a300:bbbb::135 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.196.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:13::1370 (Amsterdam, Netherlands) 4 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:c7e5:65ae:2a43:109e (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.175.185 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.252.80 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-252-80.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (Japan) 2 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Tokyo, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.182.248.191 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-248-191.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.203.31 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1857-31.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.207.13.63 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-43-207-13-63.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.110.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-110-80.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.61.118 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:805::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.142.175.23 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.10.15.149 (Tokyo, Japan) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-149.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.241 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-241.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.199.114 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f18.1e100.net

p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::2012 (Australia)

ASN15169 (GOOGLE, US)

p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	redpacketsecurity.com 3 redirects www.redpacketsecurity.com	928 KB
50	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 121 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	156 KB
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154	415 KB
15	gstatic.com www.gstatic.com p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com	128 KB
15	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 272 adservice.google.com — Cisco Umbrella Rank: 106	2 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3052	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1017 r.turn.com — Cisco Umbrella Rank: 3884	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	219 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	5 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4753	956 B
3	bluevoox.com 3 redirects im.bluevoox.com — Cisco Umbrella Rank: 14030	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2083	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 727	926 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1394	606 B
2	adtdp.com 2 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 29987	925 B
2	ad-m.asia 2 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3144	974 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8561	968 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 626	1 KB
2	fksnk.com 2 redirects fksnk.com — Cisco Umbrella Rank: 5126	1 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 20222
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176 partner.googleadservices.com — Cisco Umbrella Rank: 1086	1 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	14 KB
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 7348	353 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 953	713 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 758	1001 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 17567	600 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19514	306 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 45344	664 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7432	489 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 6059	613 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1119	450 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9763	292 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454	714 B
175	33

	Domain	Requested by
54	www.redpacketsecurity.com	3 redirects www.redpacketsecurity.com static.cloudflareinsights.com
32	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
24	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	www.redpacketsecurity.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	www.google.com	5 redirects www.redpacketsecurity.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
4	dclk-match.dotomi.com	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
3	an.yandex.ru	2 redirects
3	im.bluevoox.com	3 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	dynalyst-sync.adtdp.com	2 redirects
2	sync-dsp.ad-m.asia	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	c1.adform.net	2 redirects
2	fksnk.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com
2	www.google.co.jp
2	stats.g.doubleclick.net	www.redpacketsecurity.com
2	static.cloudflareinsights.com	www.redpacketsecurity.com
1	p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com
1	p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com
1	sync.dsp.reemo-ad.jp	1 redirects
1	um.simpli.fi	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	a.c.appier.net	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	sync.fout.jp	1 redirects
1	dsp.adkernel.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	trace.mediago.io	1 redirects
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.google.com	www.redpacketsecurity.com
1	www.googleadservices.com	1 redirects
175	44

This site contains links to these domains. Also see Links.

Domain
www.buymeacoffee.com
www.patreon.com
t.me
discord.gg
www.reddit.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Frame ID: EAF46D509BDD7E3F7AA7C3AD268BCC58
Requests: 66 HTTP requests in this frame

Frame: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: 01AD7F3B9975F103B5E21B181B96A798
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 5C9F5D8475B48CE107745EC0227B2BF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&lmt=1686531280&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537454727&bpp=3&bdt=484&idt=283&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4875313347359&frm=20&pv=2&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 1A9D54F3596C65FB9AF7D997DCFB2435
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF71BD112F3DDFEC7E836961A3C9E75C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E29D90078C8F6E9EFA7BDEF899F8E2D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9
Frame ID: 654C4A722E4B4694C3CF46D6A85E9604
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: 65A7DFB2BFCA434017229883743747A0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: FDC2A809F80CF11F6E87B22C69922F38
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9B81527DB42F21D2BC2F6C95641F248F
Requests: 2 HTTP requests in this frame

Frame: https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 80F7AAAAFD2DF0F3251DC74BE4DFC196
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3C42D2B2D7C79CE4698DD91F5F9F023
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E6B839032FD2F32E2A440D0E95158CDF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D58AC9F8FF393CD26D110E5CB6E7CDD5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 94750CE11413C62FAA932D73890E0319
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
Frame ID: C1FC38F113C0341EA43BC524CBDB1CBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4458C503A6925C0CF5C2315233A5A6F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEEE6FD3D45648A2C1D5D87756425C76
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
Frame ID: 5A2D050C12B080E17038A52DEC501FF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063
Frame ID: 5C811EC0629D4870C95627C857477C3F
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 686C0F96304C24BBB35557E33A0EF266
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BianLian Ransomware Victim: Aarti Industries Ltd[.] - RedPacket Security

Page URL History Show full URLs

https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd HTTP 301
https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

175
Requests

82 %
HTTPS

46 %
IPv6

33
Domains

44
Subdomains

22
IPs

8
Countries

1864 kB
Transfer

5152 kB
Size

56
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buymeacoffee.com/redpacketsec
Title: <img decoding="async" src="https://www.redpacketsecurity.com/wp-content/uploads/2022/10/buymeacoffee.png" alt="Buy Me A Coffee" class="wp-image-52196" width="421" height="211" srcset="https://www.redpacketsecurity.com/wp-content/uploads/2022/10/buymeacoffee.png 438w, https://www.redpacketsecurity.com/wp-content/uploads/2022/10/buymeacoffee-300x150.png 300w" sizes="(max-width: 421px) 100vw, 421px" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 2">

Search URL Search Domain Scan URL

URL: https://www.patreon.com/bePatron?u=37301876
Title: <img decoding="async" width="1024" height="209" src="https://www.redpacketsecurity.com/wp-content/uploads/2021/01/Digital-Patreon-Wordmark_FieryCoralv2-1024x209.png" alt="Patreon" class="wp-image-10717" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 3">

Search URL Search Domain Scan URL

URL: https://t.me/RedPacketSecurity
Title: <img decoding="async" src="https://www.redpacketsecurity.com/wp-content/uploads/2022/06/join.png" alt="join" width="421" height="134" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 4">

Search URL Search Domain Scan URL

URL: https://discord.gg/xZY94PXXs4
Title: <img decoding="async" src="https://www.redpacketsecurity.com/wp-content/uploads/2022/06/discord.png" alt="discord" width="423" height="130" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 5">

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/RedPacketSecurity/
Title: <img decoding="async" src="https://www.redpacketsecurity.com/wp-content/uploads/2022/06/reddit-2000x690.png" alt="reddit" width="401" height="137" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 6">

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/redpacket-security/
Title: <img decoding="async" src="https://www.redpacketsecurity.com/wp-content/uploads/2023/03/linkedin.png" alt="linkedin" class="wp-image-68012" width="432" height="124" title="BianLian Ransomware Victim: Aarti Industries Ltd[.] 7">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd HTTP 301
https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Request Chain 42

https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&random=1686537978372&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7oSGZKrbIde2qAGX-pjoBA&sscte=1&crd=&pscrd=IhMIqoqEz9m8_wIVVxsqCh0XPQZN HTTP 302
https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqoqEz9m8_wIVVxsqCh0XPQZN&is_vtc=1&ocp_id=7oSGZKrbIde2qAGX-pjoBA&cid=CAQSKQBygQiDu4Dvxv4-6jtBNm1t45bEY2mj3pF8Z-5S_4kyepTgU4BXwc3b&random=683335382 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqoqEz9m8_wIVVxsqCh0XPQZN&is_vtc=1&ocp_id=7oSGZKrbIde2qAGX-pjoBA&cid=CAQSKQBygQiDu4Dvxv4-6jtBNm1t45bEY2mj3pF8Z-5S_4kyepTgU4BXwc3b&random=683335382&ipr=y

Request Chain 43

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=1686537978372&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1 HTTP 302
https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2342828014 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2342828014&ipr=y

Request Chain 56

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1&google_push=ATf1kGOjT_qL5WByzWFuIrSaBVcbAp08XUIf83cVMeY04zYaqdjxwDtWzN542fm1D7_d6pJHlwRNec04HgTUFb67L6pwBA8wEYapQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNDU2Mzg0MzI3Njk2NDEzMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1

Request Chain 94

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_XibvURiWzMK9aticZ72v0j9hA61hfEtWILew2VIix7JAhWZQ HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=732a5b83c8271b39&is_secure=true&networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_XibvURiWzMK9aticZ72v0j9hA61hfEtWILew2VIix7JAhWZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANPxci67m3fwNIc9k9AAAAAAA&expiration=1686623855&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_XibvURiWzMK9aticZ72v0j9hA61hfEtWILew2VIix7JAhWZQ

Request Chain 95

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHqSWhcP-z4wsejLRRcLdLM&google_cver=1&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGRys216jiM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGRys216jiM&google_hm=eS1QTUw5NF9CRTJwR2R2LlRmZ1JJZFl1T29fLkJlelgwS35B

Request Chain 96

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDkrwCE5pnghuTdVn_XYLQQ&c_param1=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ

Request Chain 97

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkKTFYgV25KgqbQNS0JvI9cjbFFykYDUSKK9A6Di7q92vJrBI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkKTFYgV25KgqbQNS0JvI9cjbFFykYDUSKK9A6Di7q92vJrBI&google_hm=QlMuY2Q0MC04MDhiLTQ1MGUtYmU1NQ==

Request Chain 98

https://an.yandex.ru/mapuid/google/CAESENhOt7scmNUrYjOsC_2fnAg?ext-param=ATf1kGMm04VhFQOiKdNiDTHe722ImgrI_Gr2-FXnypSULk6hHjNCbnPkfUbb-goMwnmwfptpfpeN1YKDktEnQcPEZjW5dPZJcnwMOMcB&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESENhOt7scmNUrYjOsC_2fnAg?redir-setuniq=1&ext-param=ATf1kGMm04VhFQOiKdNiDTHe722ImgrI_Gr2-FXnypSULk6hHjNCbnPkfUbb-goMwnmwfptpfpeN1YKDktEnQcPEZjW5dPZJcnwMOMcB&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESENhOt7scmNUrYjOsC_2fnAg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 99

https://trace.mediago.io/cs/google?google_gid=CAESEMh62hsKs2peAGmMSUfnjmY&google_cver=1&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu9h6JC42 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu9h6JC42&google_hm=cdda89a52de1959575c64bc507a28d0d

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1&google_push=ATf1kGNwYYpkB05fBe4xDSuE16EJmNSokr-lZyw68yxDIbvr3W5XlwJ7Pb3NfRJitM2yJBWjAN3VGOM2WvCYJDrMfZvrpzRKPEArSQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNDU2Mzg0MzI3Njk2NDEzMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1

Request Chain 114

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB_8BD7_zJUwrRJZFCZ7uNA&google_cver=1&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJvhsMKgPhQCmYwwWasUsruTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJvhsMKgPhQCmYwwWasUsruTg&google_hm=D5NTwm59Rj-ddbqe8Omu2Kc

Request Chain 115

https://fksnk.com/cs/google?google_gid=CAESEDioDaMiM31EKiMAYhhvMpo&google_cver=1&google_push=ATf1kGOe8-3iuV9hv_NuEj0lqpMlVAC2wuqQmGzzFcpJn4lluav6njM8QEPKLVGbBvxsBqk2IY7eESwsavOck9EYALLanyLP2a3OZjY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUU2NzM3MDk3QTNFRTk5RQ==

Request Chain 116

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE94cj-D8pZTfk7jNdnb_LA&google_cver=1&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttbbl1yhYQBrCrHhry_Ds-smKc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE94cj-D8pZTfk7jNdnb_LA&google_cver=1&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttbbl1yhYQBrCrHhry_Ds-smKc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNzcyOTYzMjQ4NDExMTMwOQ&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttbbl1yhYQBrCrHhry_Ds-smKc

Request Chain 117

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9_EwnJK2tVblew5njbHGLhuYDjvLbQfALABegVwCbrWXY-OJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9_EwnJK2tVblew5njbHGLhuYDjvLbQfALABegVwCbrWXY-OJ&google_hm=QlMuNTAxZC1lMTc3LTRhMTAtYjBlMQ==

Request Chain 118

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDxh8btcjePf6QQMvdIiQDA&google_cver=1&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEDxh8btcjePf6QQMvdIiQDA%26google_cver%3D1%26google_push%3DATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A5443252895014232376&exchange=193&google_gid=CAESEDxh8btcjePf6QQMvdIiQDA&google_cver=1&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU0NDMyNTI4OTUwMTQyMzIzNzY&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx

Request Chain 119

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENKTCyG6vXrQBVKePsUxVbo&google_cver=1&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENKTCyG6vXrQBVKePsUxVbo&google_cver=1&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg&uid-set=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg&google_hm=NDJ6OUNmdDhZMlM=&suid-set=1

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEGZlBc6e6zP46Mi9f8NQ6hw&google_cver=1&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3ofuX8qLZ_azDa5uqO-Osg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3ofuX8qLZ_azDa5uqO-Osg&google_hm=WVpKcmhjVGthOUlzSHZkNm90ZXo5VE9BdllF&from_google=pc1

Request Chain 143

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEM_-Vq_5lNpPXiMuvOks8kc&google_cver=1&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOlXW_YO-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOlXW_YO-Q

Request Chain 144

https://fksnk.com/cs/google?google_gid=CAESEDioDaMiM31EKiMAYhhvMpo&google_cver=1&google_push=ATf1kGOUGzToWkf9_j7bfQ5C5vXOwzQ13A50LRue-V6sJUNRvM19v2JH0ZB7mC2JDpJNpCH38-ELEmzrJFGqDokErzPo0t8_aXgSbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkM2MjZENjc4MzlGRUJBRg==

Request Chain 145

https://a.c.appier.net/gcm?google_gid=CAESEA4vCVFC9LhbYaSRYtiE_YI&google_cver=1&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJe3FCcsT0BRZnj6Rfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OEZmOE5SRExEREthQzBaMDhJU0daQQ%3D%3D&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJe3FCcsT0BRZnj6Rfw

Request Chain 146

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEC2n0OQLlxp30OUfoOpcyxE&google_cver=1&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPwAk_vssUlER0llqzI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPwAk_vssUlER0llqzI

Request Chain 147

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJjwJ9av6Skhb9H7wtg1ziY&google_cver=1&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691FwjoMaxJnwWvFf-oYoQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Yj_aq_bGVy5_K7TD6xHUodmK_Kc&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691FwjoMaxJnwWvFf-oYoQs

Request Chain 148

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL8h4P8Ow43jwbI6Rr2pN6c&google_cver=1&google_push=ATf1kGO-9S9aJAtAshGfIcNpzJJMLwqLLNozy1CiCuO5f762rQqa40R5TrY_Zkni3jsKqKxARXSCIoOBbhQj4xrLfLq9mdC_uWOa-5-I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YmZkOGFlYWMtYmVhNS00NzBkLTk2YmEtNzMwZWEzMzViYjcz&google_push=ATf1kGO-9S9aJAtAshGfIcNpzJJMLwqLLNozy1CiCuO5f762rQqa40R5TrY_Zkni3jsKqKxARXSCIoOBbhQj4xrLfLq9mdC_uWOa-5-I HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 168

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXqnw6QcRkzq-Bwd58iGnrTrWKRsTmjpFSaANTSvg1WcdROqAJpj HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=563df0925bd920cd&is_secure=true&networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXqnw6QcRkzq-Bwd58iGnrTrWKRsTmjpFSaANTSvg1WcdROqAJpj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJq-lNHtT72QN4Gg5IAAAAAAA&expiration=1686623856&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXqnw6QcRkzq-Bwd58iGnrTrWKRsTmjpFSaANTSvg1WcdROqAJpj

Request Chain 169

https://um.simpli.fi/gp_match?google_gid=CAESEOwOKpIF3jL0Oz0dk_i0e8w&google_cver=1&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3An2sRx2rGiY_JlTnEi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7DD6285520D546F5BA39FC4E8F213912&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3An2sRx2rGiY_JlTnEi

Request Chain 170

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGPcM3-shv_QZteaEeur2s_SUHsHxZIUDflw7hYtSsrPZMZi74c8oPM88uGHCg7i78D3cdQHrpSr6HP_af_Uj-5lb3dwvguba81w&google_gid=CAESEMa0gzA5eJBgGEEqvXCJSa8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPCJmqQGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BVGYxa0dQY00zLXNodl9RWnRlYUVldXIyc19TVUhzSHhaSVVEZmx3N2hZdFNzclBaTVppNzRjOG9QTTg4dUdIQ2c3aTc4RDNjZFFIcnBTcjZIUF9hZl9Vai01bGIzZHd2Z3ViYTgxdw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwV29JWmV2ZUxmdzd2VUtxQ0RlMmFsMmE1M3hPcFZidW02ZjRmSUNUUms5UQ==&google_push

Request Chain 171

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDsmbAxocxP2uMANsXz2U95W8_qMh13RnihBD&google_gid=CAESECgCtfoe1WcdTrgcaTorRfw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDsmbAxocxP2uMANsXz2U95W8_qMh13RnihBD&google_gid=CAESECgCtfoe1WcdTrgcaTorRfw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MTIwMjM3MzcwMDA3MDg1OTQ3MTM5OA%3D%3D&google_push=ATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDsmbAxocxP2uMANsXz2U95W8_qMh13RnihBD

Request Chain 172

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEC2n0OQLlxp30OUfoOpcyxE&google_cver=1&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263jh4kiCZcbj84R5qMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263jh4kiCZcbj84R5qMI

Request Chain 173

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEERbdliTtfX_BQKEZtd6qYg&google_cver=1&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBapoWE2xJZifna HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBapoWE2xJZifna

Request Chain 174

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5vO7KRjUv-ykzOaI9wAxI2QJ9wdb1r4K9zkYlzcfQy4Ww13EQSQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5vO7KRjUv-ykzOaI9wAxI2QJ9wdb1r4K9zkYlzcfQy4Ww13EQSQ&google_hm=QlMuYmVhOS1hMDFjLTQyOWQtYmE3MA==

175 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Redirect Chain

https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd
https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

748 KB
58 KB

769ms
767ms

Document
text/html

2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64cc07f85a1736728ba8ab9a318a71a02c220869e0d2a13b26e6d4eb1e45e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=43200
cf-apo-via: tcache
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 7d5eb66c2cacaf4c-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Jun 2023 02:37:34 GMT
expect-ct: max-age=86400, enforce
last-modified: Mon, 12 Jun 2023 00:54:40 GMT
link: <https://www.redpacketsecurity.com/wp-json/>; rel="https://api.w.org/", <https://www.redpacketsecurity.com/wp-json/wp/v2/posts/77987>; rel="alternate"; type="application/json", <https://www.redpacketsecurity.com/?p=77987>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siRgGWaklWJZOXgZ0qekwGNi%2Ff5NUsjLo7DKXvGMPVYx%2BECjOU9bP%2Fg3Sdn5osSRt0zL0Vy8pxI7uBqYR%2FoGAH53BT6xxckvksICsT8GxBCEf3knBXcYx6zgIKbRbantjY5glxeNSzWf1GIh4uJConSbvU7muU8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding,Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-html-edge-cache: cache,bypass-cookies=wp-|wordpress|comment_|woocommerce_
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=43200
cf-apo-via: origin,resnok
cf-cache-status: MISS
cf-edge-cache: cache,platform=wordpress
cf-ray: 7d5eb6674934af4c-NRT
content-type: text/html; charset=UTF-8
date: Mon, 12 Jun 2023 02:37:33 GMT
expect-ct: max-age=86400, enforce
location: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3LK5gOqH2OE42NCL5cwC5hyVujnz%2BFezFOqAlC7k28LnfBnkhJVRpyfb%2FqGVeisDLEwM6w%2BoLfmegdS48%2F5kALi0CtFCV6iZhB6kVnnt6xJTo5lC3ZcNaWfJuOnJhVI5nEx1vkkdqx%2FG%2FyGzw%2Fbsbveg2kmMhM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding,Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-html-edge-cache: cache,bypass-cookies=wp-|wordpress|comment_|woocommerce_
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H3 200 style.min.css
www.redpacketsecurity.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:10:12 GMT
server: cloudflare
etag: W/"642527c4-17ced"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oshCUxU6svIS8ywvDoKGsdi3zczTyDYCoDIE7hZn1brHSM0akvNpaoHshH5aTwGrTupVbl761sAaOrbOqiXXxKS575PR4gddQH4qaM%2FtQWd4BLA06%2FCc0o%2B97jXNVP54JmQm80BHL6z7Wxh%2BUD9%2BdkrXRlmfjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6710beee082-NRT

GET
H3 200 classic-themes.min.css
www.redpacketsecurity.com/wp-includes/css/ 291 B
789 B 17ms
14ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-includes/css/classic-themes.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5180
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:10:12 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"123-5f817f20a0aff-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4l%2FeWuqtFXpSWRUPGUL6lPNHqrmJXEQiS9kNM0cCykVUV0HXQUdBGVACEEZtKVKlNdIhIftqxUzZsWMuHgulCaq0Vjh7dqx6xVxvykfmrMZyDjYwbOQ29NDn3srw3tvHkTzUgOXWmJrunNt0rG7O0I6eArc5VU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6710befe082-NRT

GET
H3 200 app.css
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/ 2 KB
1 KB 23ms
21ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/app.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af12f7592b4d8f6b8483bd9bab081ecf35abe485d5315fb0ecf30559ac2bd9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=3028
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 11:40:18 GMT
server: cloudflare
etag: W/"64087422-bd4"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2HQ%2BEvuQflJhVGda6Qd7i4ZOpd4iTb30TIxBsKyCw2z%2FtGQDfrLJnTkZBUn0KMNZgpKY8pS1bvWihI0UhlEeXzpbkD4%2FiXW4ea5MW4tbQwF%2FguM0Gy8m9IZzqs6SJA0pc3EPnF%2F%2F7n%2FRBkCBCvgx43arJPnakA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6710bf0e082-NRT

GET
H3 200 style.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/ 62 KB
13 KB 21ms
19ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/style.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84781d3e65130fbcee9c8813916246764b2e335a6a4827009f817c3ca74c3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=86759
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-152e7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei12JBzGkOEtyVuVErEyi1nfu8%2BYaJBVKKg%2B3JgRNhfbThQ6olyVSA2W5XwL6X8MGIlYL0IFi1vWcy3BhjV%2BBn9mSmeup8LEC7EeBtxR7d4KNQh2BzjTtkIN%2B0j7XmOJfVvNvJcDKalOJmydmwC7E85hqyvHn4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6710bf2e082-NRT

GET
H3 200 bootstrap.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/ 156 KB
26 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/bootstrap.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d9a4ac74e536c050e8c6c9a95941e5009411ae61e9c2bcd8371f638b2ec661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=207350
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-329f6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFMHIYZZLpbNMoidxB0PyvyvrNPeQ1egsqdvycb0fXpmu5B0j%2BtY0ec9%2Bd%2B7OKrmZkAOtMiBq9AAGTe5mUgIh0XRzAsMP8AXcry1gMWFSefwA8NVURA9cUG7YaDZr4k6inYFtK9b9GSdzldgrNq2Uhua6eN0Ka8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6716c3ee082-NRT

GET
H3 200 style.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro-child/ 33 B
644 B 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro-child/style.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc8d78c3ca6dd5107af31e3be7ca4d654b83535d1d4ca90eab8e48b80be638c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=104
alt-svc: h3=":443"; ma=86400
content-length: 33
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 22:46:20 GMT
x-accel-version: 0.01
server: cloudflare
etag: "68-5f6cfe13152a2-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FizrwZz1FYGLp5qZoLFOEVM06140KuSA5IJEEJRiLWTEHrYuHCndjVr03aqJgH6fKRTMM1yjpOeDdgbvr8z7wKoGr1%2BBA5POGM5Pefy9gjPxUmDbWdad4oT0PU%2FCfoYzsOjeVU5Pmi0F65mAONXUdnYWt4OUl4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6717c3fe082-NRT

GET
H3 200 red.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/ 28 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/red.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9406aee544bd9bac6160613181b2ae09f5d3d73b1b4e7a56d62184e260315071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=35513
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-8ab9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP1H2UnOfmTolIf6c4kJFZOAm8%2BdFzf95ufYEXVJICwCwsqn6h1PwDrLWAN5NyCxYyrecTCJB6BZhrL8g0TB4d3oZib3yLclERd9LrpuU2tdV0owjih9PSX6NQmmayWTrwzuD71%2BsAntlThyY5jJFQ%2BOU4%2Bgqvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c41e082-NRT

GET
H3 200 light.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/ 92 B
678 B 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/light.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=129
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"81-5e17b59d731a3-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBn%2Bcc42h5k%2FNKsyX88YUcyFQ6jKK6R9lqy9GdGLeLueXGJCSu8XIIgDRBUVlp7GmVOM%2Bc19puVWwOcL1v2n06Yqq3cR22SEzB4M6pLZhF7iZOwjgpc9h%2Fq2MFNnMgwH2ebzrmKTxuEj3gckMG7bie7l5O5d%2Bog%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c42e082-NRT

GET
H3 200 all.min.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/ 55 KB
13 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04aec4107954c62d888f138cac63e9fd4508ca8bfcdaf9a9e3ade5eed2333b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-dcc9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQRaIlHtXDvza6WMR8X66uUps58tT%2BNIpKenr1RHAedFP%2BlH7q3toQwvywyDJ3e%2BIrutWjBnu1IclnBPHVr5njnpdjj9vxHVehU81xABTTc8ryIgpHjtlTxw%2BCsBv3euEP6OHe4qyquLM5hyWLoCuFL5BEUjSkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c46e082-NRT

GET
H3 200 v4-shims.min.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/ 26 KB
5 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/v4-shims.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2be9c7c3f5b1cfa7055b5f64d499416c9b680b0b6030677c323164358f49a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-6806"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MmK73kQXtvM%2FhZvb%2BUL4k%2Bc0kkwbyjYPgQWZSBWCeSN7qllfuH1XilyUkUQicg7wcDMdPtpn%2FV%2Fe01AwBrkdoKim04RWRUnBAOilaX0jmDzrPSEeYnu0XNxkm4h0JblCWswC2JL5xsL64yWeP5yfrWuF00qtkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c47e082-NRT

GET
H3 200 owl.carousel.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/ 1 KB
955 B 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/owl.carousel.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-60b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RodKdswI4eajkiWAxCK%2BE8kxpkpJ1SO7EREjCrs5x81hfwMIg7ZhVmoVVxmmvz6z5Luk%2BP%2BlqygvPzNPdf0oBlekdjb9umKfVQp0OlWYHA3ZKCCnJ8HBp2hcY2z%2FHEl2m5oPl7hV%2BIJOK%2BN%2FMnZZ4w3aAdCx32A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c49e082-NRT

GET
H3 200 jquery.smartmenus.bootstrap.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/ 3 KB
2 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/jquery.smartmenus.bootstrap.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b67a14d3266023e71ecdf6bbb6376034a486e07e1da880f536af90fb1c07711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=4059
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-fdb"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7p%2FrIrPLnmJ69Ehwf0I6w94oliW9115DJz8a3SWAmuPTCGi2%2F9UaWb2YO5nu%2BuEHGgMeqYRfUDmuPiPr5xgRgyNGrDLOCw6p8l%2Frvks36pojEKR7NQDEUJDQ1NMpx%2FP5Vy5J19TXEeajI9CH1j6mmwWVdTtxX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c4ae082-NRT

GET
H3 200 front.min.css
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/ 5 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:12:28 GMT
server: cloudflare
etag: W/"6425284c-14d6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOI0uNL9r15RDGc5bOEMp6%2FdLvvYzjpcMyRGjmT%2BeboEBfhAVCAbg04N4XOEWlDuPVkhPTlsPQEknwCzyUvFLTIYhMk%2FJtMtoKz7m50o66anZC%2F4M%2FAJOEiZlL6OK5V%2FywV0VfFaaQ9QFPMcoFO%2Fyah7JCcOzPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6717c4be082-NRT

GET
H3 200 rocket-loader.min.js Show response
www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 4ms
4ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6476145d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4wCowHK3n9BspriVnnJS0rIRuFMLso5hBj6sTvK83JGOp2EV%2BsHgRMcNA%2B2oqK7hgWzbyKCEE%2FWYt%2FMyw%2BhTl6nKd1wMVAsnuq%2Bh%2FqUbdPFFM8S3kP3nZLPYKhY31DiqafX9AOGk584BtyuAcgRgQ3hq8%2FBSE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d5eb671ac71e082-NRT
expires: Wed, 14 Jun 2023 02:37:34 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 47ms
31ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
Origin: https://www.redpacketsecurity.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d5eb671cda3af79-NRT

GET
H3 200 style.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/ 62 KB
13 KB 18ms
16ms Stylesheet
text/css 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/style.css

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro-child/style.css?ver=142d6fe857b1a21ec21f43a764ed4951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84781d3e65130fbcee9c8813916246764b2e335a6a4827009f817c3ca74c3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro-child/style.css?ver=142d6fe857b1a21ec21f43a764ed4951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1548
cf-polished: origSize=86759
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-152e7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYeTkCCEloy7293kFoYlhTjgOB88az0TOn3RjTWXxq33Bdci5r6WUqUMLV%2B8Pc3yX6ERI%2Bruk4RTbWleqyedSohk704tMv3ugZ0ak5dsKmuL5ZReIfagDsTT7fsCFBoYD4K6aARH8IkWKhrSjZPBUMMDNQjylH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6719c62e082-NRT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 head-back.jpg
www.redpacketsecurity.com/wp-content/themes/newsup-pro/images/ 214 KB
215 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/images/head-back.jpg

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c304be164d697444f4c480c7052ca7a25708686194dec476c55fbd500599f29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=219160, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 219152
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: "62a9cb44-35818"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LELg8STU7kuaUZnyCzPiUlG%2BPSO3%2BRjW%2Fajt0iRgZK%2FrhHcKgtAIXZLdusIXNoT4DmQ27Wgvd8IX88ukCnVWVAZPTZLUS0Z29dirn7lI8%2B5tkbgR3WXLZSG4hW%2FFAwdCLL%2FkwhU9fhClaGtaI4j6QZ9KdlYPnSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6720cc3e082-NRT

GET
H3 200 CISA_Logo.png
www.redpacketsecurity.com/wp-content/uploads/2021/08/ 96 KB
96 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/2021/08/CISA_Logo.png

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24150d9ceec5701963b92df657209014574771b945c777f337c02eea312c920a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origFmt=png, origSize=117138
content-disposition: inline; filename="CISA_Logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 98102
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Aug 2021 20:17:23 GMT
server: cloudflare
etag: "61240253-1c992"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCpe2diwou%2BTij%2FD0Itri5mfjIYaaH%2BwMxhKkRlxtOfLlZF8OH2rzygqxchQWfk9L3agwNKaF9heZrQJHXmk41CDHgBj6o2laZX0CMQg0UK6Uf%2FiQmuFC4v5E2WnsKixChRlExe5L7C%2BXwch1f4H4UsV0o44%2BGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6720cc9e082-NRT

GET
H3 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
www.redpacketsecurity.com/fonts.gstatic.com/s/worksans/v18/ 17 KB
18 KB 28ms
28ms Font
font/woff2 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Origin: https://www.redpacketsecurity.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1136998
alt-svc: h3=":443"; ma=86400
content-length: 17912
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 23 Aug 2022 17:55:25 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IgshYKjOIurYIpQV6KN224fhuz2FQ70%2F4npgwl0xMpf5Uvu7d1rrqGmiiw1eWieLIlDtmF%2BTNZACFbN8eyF%2BNGio8yytmvghWi5ND5gSEOHE8H25uuHD3m59z%2FV7GSetvqmrdmmtv69LoL0swgj6%2FmYv6EuyRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 7d5eb6720ccae082-NRT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
www.redpacketsecurity.com/fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 23ms
23ms Font
font/woff2 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Origin: https://www.redpacketsecurity.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1031206
alt-svc: h3=":443"; ma=86400
content-length: 30928
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4GYH0VtDNQRtiN09RplOggu05GVNvlcNJDprCyZFBKF926deD8dZTk%2Fs7K3bMegVG%2FlZowR598Kr8MwnlmQJnm1St9nBEAaVFBo%2F72BLSHtR27R2MhXsjjqbavGqnkgEMbiWwHr8kICZzf1Il%2BFFpjktuK7m2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 7d5eb6720ccbe082-NRT

GET
H3 200 fa-solid-900.woff2
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/ 74 KB
74 KB 17ms
16ms Font
font/woff2 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=142d6fe857b1a21ec21f43a764ed4951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=142d6fe857b1a21ec21f43a764ed4951
Origin: https://www.redpacketsecurity.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
alt-svc: h3=":443"; ma=86400
content-length: 75392
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: "62a9cb44-12680"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIv5rqKsOVdkhZQaIABY3iCsobLIulYmhXVaHd4FF7ltyzpG0lfbZJn4NSfWVCaVOfeKhFpqCwhza6eSZyfomtWoxVVS%2FKE0jLbWfDuskqEZF9kgUm47jVw7Dvw7fWUxMyABP00FtdyglycR7SVAHoLpZ0RSWCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6720ccce082-NRT

GET
H3 200 custom-time.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 190 B
731 B 24ms
23ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/custom-time.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878507828632957a2a0e471f1bfef8ef64ee4726f7fd03d05d77664823079fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=249
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"f9-5e17b59d6f323-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1gM1DX6QfMDOM%2F6GtXoea3QgPsNSqa%2BwfG1jCtAtX4YAyniYMPvZMjBeMg366egrmnzNNt0QRqJm2maz75%2FtI2i2D9UbT3A58U9tLkW5ue25eO%2Bxg0iDI0bPH63NsbuXpRgTrqOaacmuPGXUvXSesLNFVIIHM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723cfae082-NRT

GET
H3 200 custom.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 3 KB
1 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/custom.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e098655bf365af10393cec5be569becfba92d4b3374f5f409ceaa5a3b3bad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=5066
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-13ca"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBR5BS%2F1HOEX2NHI%2FlKs44MIpnnTSX5jsd2spuGMLaDHohDVjWSzBX8pUlhEQecYPizJIjxcjx5%2BR9m1aGOUNMp0BsNvyU%2FdMEZkSX5S86YAWlU44W4v3vie2dvB9Mp2iSLfX7g49DNV4rkt0v5UinW9nNiuidM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d04e082-NRT

GET
H3 200 smush-lazy-load.min.js Show response
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 09 Mar 2023 13:50:19 GMT
server: cloudflare
etag: W/"6409e41b-1ef2"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1SKKlJwssRx9ZDdDzfCYaQmURlVqGwzTSTabusK%2FcFCmfADNZGhckRg1KqaPJ9XAsYciyeXvsbexDcumkIm6mvmR3x5ygQ%2BIs%2BT%2FdwW7zMwifgr0SqKxZsC2qz1KC6zWjQVkIlHSbMvuCS%2FftqV%2BMiVJl%2F4zkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d06e082-NRT

GET
H3 200 app.js Show response
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/ 244 B
769 B 17ms
15ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/app.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d45256c95c1c245654bf298e27d9c538dc778a2ee050ba4678ac2a07f479869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=354
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 11:40:18 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"162-5f661fe17a219-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stpFdgn59xJZnoskHtExPphLg%2F%2Bab%2FAECH5OQR4I6FO%2FX3Cm%2FNw%2FdmVpfof5v4DH4z32sEaxdi09lrVtds%2BlKWQylFmCNpjCzLg1Iv%2B3yBvFQy7oWSj7jkjjf4lZ9lHIsf2dTktaBX2bJODkINvlQnFRiyniPMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d07e082-NRT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 115ms
59ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c913c477c0388b87bbefff244fe1849ec7c91cb4fc66e9e87eb50e846817179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.redpacketsecurity.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47336
x-xss-protection: 0
server: cafe
etag: 12044668952604055986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:34 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 40ms
35ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d5eb6723cc1dfdd-NRT

GET
H3 200 front.min.js Show response
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 16ms
13ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.8

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:12:28 GMT
server: cloudflare
etag: W/"6425284c-21fc"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8lgfKOCiNOIvmmsQVqcJvUihcD657VwqBA1GqUZoRbzuYRpMop%2BYFnNnlYVLGZWoovZdyhu0USvYwIVDjQso99PTM4sTrlKYz%2Fx8SYYu7bACgceL4mnJQMr6GDuOZJREJz%2B9cXBMZgWYhur4GCG82%2BltoJOb6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d08e082-NRT

GET
H3 200 a01b5086.js Show response
www.redpacketsecurity.com/wp-content/uploads/caos/ 223 KB
79 KB 30ms
26ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ae1eba333cd32d7950624b7692db45b1d3b7e04330079c2bf844f07552914f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=228980
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 11 Jun 2023 18:04:12 GMT
server: cloudflare
etag: W/"64860c9c-37e74"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KEw5FsYTd7ivChYT4%2F4OvqJeTUCsrKY2bn6eJDuc10JQ3fKmhR2IaAcBPlP%2BHyEZios9yj1ZdIuNxc8QrL1uL7ilYT29RppNLN2JBJxAOwZFcR3ra4FfVc%2BKAhiH2IW4CA4uAN%2BnUDauEIUBsnYzdVD3fzID88%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d09e082-NRT

GET
H3 200 bootstrap-smartmenus.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 3 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/bootstrap-smartmenus.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46489b4c55fb6dce029c4ebcaa74c9616a0a89dc3be3e0027d0113c698ed9968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=6011
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-177b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2Epvp%2FK39MVqYDFuo6RshPEqRuGU486jdU6rOlZLzY21C%2BwMsyTRQSN2UTRcYdLAO%2FOijh8N3C3iAuyCZ18MNhSrJmALjOjoLWLsUdA0UuZvwn0DwApsr1GSBgKMkgWOcw8AeNP%2FNvM5y9ez%2BdvboHwDtB5oEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d0ae082-NRT

GET
H3 200 jquery.smartmenus.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 28 KB
8 KB 18ms
15ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/jquery.smartmenus.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4247183ff111bcf12affd18ba0da4a7a1ff0b4e7e491db67b9562b58d6a29c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=46638
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-b62e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eNNK0xxwB81dyO9gyafkaOMk7Lt6FkKLsKawuChtcAxTm4kpDwTwkjhFU4qwMTcCaCrbk%2BlLkA%2BU18pukSUGSdeJCGsTWElo9vs%2FCEW0IDZWam8tAztMi6UUeSyCDkfclGCFKyFKfmYU3ecjtcyjymUaZfx8oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d0be082-NRT

GET
H3 200 main.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 314 B
778 B 17ms
14ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/main.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9691e8c38e89f0117aa9aab7dc706fa84ff4c18279a0769cfd90579c897922c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"271-5e17b59d6f323-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I%2Fg31UPAUcb6K4whLuT%2F7w%2BUhZ%2BI2VbCICFEYP5WjcT1T0CikuyXe1kHsYuqxbTf3zhBKcHPpJ8rayiCFi1%2FIkvN%2FaR8iqHqNtub5zE%2FWDu%2BmPYeKdlFLzInl2%2BtBRvOJ1QsqPh6J14%2B07J%2BCtjb%2BA%2BII5P1E4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d0ce082-NRT

GET
H3 200 jquery.marquee.min.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 9 KB
3 KB 21ms
19ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/jquery.marquee.min.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-2383"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfcDzfC0T%2FpHmsemdXu4%2B8euzyo%2BPUv%2FlHnYhOy%2BHRmB1DXGhnUZkMbPjXDrYnPT2hutv2vRKkplAYtOSbWB6KC%2BwBZCLiaqcy99cI5DnBBhbxmHvg1PfQoRVsk%2BbvnaDiV2C6MAn4VZ5pnZe2NDshfIe79HsXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d0de082-NRT

GET
H3 200 owl.carousel.min.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 23 KB
7 KB 18ms
16ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/owl.carousel.min.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-5d80"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PebffEw4Aze6wspq1oTj%2FC%2FVs%2FRDBz1dlIoQplJ1HVOqmKvNCJJdHO86FnJ%2B0y6aRXAt7TUFHcc365w1zyhSx2IqagsGUc0aQ4mpINopjKsH2zGv6tsH%2B4RYyaM0UilHdAdJ1pQR%2F7vemXpFshYKW1yJOeoO6Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d0fe082-NRT

GET
H3 200 bootstrap.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 88 KB
21 KB 30ms
27ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/bootstrap.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3e511b908f924d06bcd56a2274b737f070823715600c460dc5d593b276f961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=139600
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-22150"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckHP7I8HZBj%2F%2FB%2F9uHEEXu6dm8%2B4nt01ZxDvhikDPqbdwbbK2b6afWmpQsZgKSw%2B9husu3Hp%2FC1NQH37VryK%2FaHvE69yNqTgcFjX6RluQcOvgCmvwddciiFArOCeK6JPsVZElLDGIZFDPnBGwzpIlumyKGMyuqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d10e082-NRT

GET
H3 200 navigation.js Show response
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/ 1 KB
1 KB 19ms
16ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/navigation.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=2360
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 12:06:28 GMT
server: cloudflare
etag: W/"62a9cb44-938"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDVaUajSVWYMEvuqb8Jb8zBMcXr%2FRwowQWuL9vSFABiD95PWx42Ymyqvuh4lahu9OXbrqfHTRDeuVcAa10PDCV1MWvDw%2BAqbkWZXptY%2FRQkdUnLDhiyt1tZ8dM9yyrgYwayiHAdifkWfKOKEFYI5hZ%2FFkLU%2F%2F2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d12e082-NRT

GET
H3 200 jquery-migrate.min.js Show response
www.redpacketsecurity.com/wp-includes/js/jquery/ 13 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:10:11 GMT
server: cloudflare
etag: W/"642527c3-3470"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFE6ItoW%2FH4LwWUdwCBtcL%2BaYcG8rDu2u9bg6w5dXVW6ZMUv%2Bf72sKfz2Jf1ylxiSDTt0A%2BO%2FXwmw1xNPoP4TzdCtaPcFTUo56tNl9HrwfFE%2FwSJrxSZspw7lVmL%2Fp2eWHswNXVKEOPOdDVDXijIxUf3z%2FyUlHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d13e082-NRT

GET
H3 200 jquery.min.js Show response
www.redpacketsecurity.com/wp-includes/js/jquery/ 88 KB
32 KB 23ms
20ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:10:11 GMT
server: cloudflare
etag: W/"642527c3-15ed7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddQ%2F0z7ziWKeoS1z6bePCfL72VmqUqwaXZP6LNy1IpEzzW829%2B8wGlIZ7ZawOxws%2B5QdbLWEP%2FvtYd%2FxdabOeFYly9cfsVGQZYP1jrrBCUVNklwa3F6AsTe%2BhCydO0wLmh35DH%2Fab2eYIjIwJO4NZz8gR2QXtAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb6723d14e082-NRT

GET
H3

200

invisible.js Show response
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 01AD
Redirect Chain

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

24 KB
11 KB

10ms
9ms

Script
application/javascript

2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e71a134923b062c2067c3f60d841a653bfffc9cff895f8854d2fd14361d3d9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5lDsbs2c2ay%2FjCZEVvyxBmjORtBuYYclZiXvAttcCol5oSzXJYO1DV5AUOKd0PhTW2Prl2PF1J2BT5Z5N483Dj3W8jIJbHl%2FtkJJutZ5F7IrU3oaYYLGDmHoeAxtZTTBR3F2dSanl6rIsoq6EFbFKSw1UBPLh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400, public
cf-ray: 7d5eb6725d28e082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 12 Jun 2023 02:37:34 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56cwmmN8ru%2BBGrx%2Fvlaho%2FZLgrY3MkHLG21%2F7ebUbh7msEKxVanJIhxdqj4%2Fkgi5VcEHFvs6ZRyXVwS0GJ0syltOrAgwyeEc9jETio78pRWcq8ckYDMW%2F0x1nBfiJXFnX93PSAtjsqcNYrRhpRVq91DyVJ2Xh%2Fc%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
x-frame-options: SAMEORIGIN
cf-ray: 7d5eb6724d1ee082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 s.js Show response
www.redpacketsecurity.com/cdn-cgi/zaraz/ 8 KB
5 KB 17ms
16ms Script
text/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQmlhbkxpYW4lMjBSYW5zb213YXJlJTIwVmljdGltJTNBJTIwQWFydGklMjBJbmR1c3RyaWVzJTIwTHRkJTVCLiU1RCUyMC0lMjBSZWRQYWNrZXQlMjBTZWN1cml0eSUyMiUyQyUyMnglMjIlM0EwLjEyMTY2NTM3NDE5NjU1NzY1JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cucmVkcGFja2V0c2VjdXJpdHkuY29tJTJGYmlhbmxpYW4tcmFuc29td2FyZS12aWN0aW0tYWFydGktaW5kdXN0cmllcy1sdGQlMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d0ac9d4671a2a8ee7d413ff0d46b0ef6cca6f03a0b133c70eedb0486c49c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.redpacketsecurity.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5f%2FMOCJc6PvbhZ173%2B7A3tMxoflp2ZaELE2YsuNj0ToV3Q79NicxHVZEZQkbmDIeBqGyKaQkP5nFemIFHyEjYBaOv01rTmkG8YeI4b4LKzRu7pCUnYC7gecjL5kB%2B9%2Bm53zm11KcM5eC90RDRIbP2JhAzO23VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7d5eb6724d20e082-NRT
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
261 B 107ms
35ms XHR
text/plain 2404:6800:4008:c13::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-GN0W0LT7ZX&cid=5306dd76-586e-4b33-9a98-0fbb30627bc8&_u=KGDAAEADQAAAAC%7E&z=1390651686
Requested by: Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.redpacketsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.co.jp/pagead/1p-conversion/4209956877/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&random=1686537978372&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fb...
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecuri...
https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ran...
https://www.google.co.jp/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-r...

42 B
0

48ms
48ms

Fetch
image/gif

2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.co.jp/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqoqEz9m8_wIVVxsqCh0XPQZN&is_vtc=1&ocp_id=7oSGZKrbIde2qAGX-pjoBA&cid=CAQSKQBygQiDu4Dvxv4-6jtBNm1t45bEY2mj3pF8Z-5S_4kyepTgU4BXwc3b&random=683335382&ipr=y

Protocol

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-conversion/4209956877/?guid=ON&random=601598182&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqoqEz9m8_wIVVxsqCh0XPQZN&is_vtc=1&ocp_id=7oSGZKrbIde2qAGX-pjoBA&cid=CAQSKQBygQiDu4Dvxv4-6jtBNm1t45bEY2mj3pF8Z-5S_4kyepTgU4BXwc3b&random=683335382&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.co.jp/pagead/1p-user-list/4209956877/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=1686537978372&fst=1686537454459&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketse...
https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-...
https://www.google.co.jp/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlia...

42 B
0

89ms
46ms

Fetch
image/gif

2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.co.jp/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2342828014&ipr=y

Protocol

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-user-list/4209956877/?guid=ON&random=1686537978372&fst=1686535200000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&tiba=BianLian+Ransomware+Victim%3A+Aarti+Industries+Ltd%5B.%5D+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2342828014&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
0 85ms
43ms Fetch
image/gif 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-GN0W0LT7ZX&cid=5306dd76-586e-4b33-9a98-0fbb30627bc8&_u=KGDAAEADQAAAAC%7E&z=1390651686&slf_rd=1

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQmlhbkxpYW4lMjBSYW5zb213YXJlJTIwVmljdGltJTNBJTIwQWFydGklMjBJbmR1c3RyaWVzJTIwTHRkJTVCLiU1RCUyMC0lMjBSZWRQYWNrZXQlMjBTZWN1cml0eSUyMiUyQyUyMnglMjIlM0EwLjEyMTY2NTM3NDE5NjU1NzY1JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cucmVkcGFja2V0c2VjdXJpdHkuY29tJTJGYmlhbmxpYW4tcmFuc29td2FyZS12aWN0aW0tYWFydGktaW5kdXN0cmllcy1sdGQlMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.redpacketsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.redpacketsecurity.com/wp-includes/js/ 18 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=142d6fe857b1a21ec21f43a764ed4951

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 30 Mar 2023 06:10:11 GMT
server: cloudflare
etag: W/"642527c3-4904"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy4VoYo5YIEXQps9YeQJHnxAjLXQADYNNhBquBq%2FYQmtq2%2BM0MbrX49Ivro9To1T6CdHvn4VRl4I%2FSMAgI9MmOrhOhKmQD6PPa%2B6cO37nyv19pNEU7OkPqvvTXZhF38PJlsd5TF0rn%2FRCVpXx1mW87oYEDGqqzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb672bd74e082-NRT

GET
H3 200 pica.js
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 01AD 6 KB
4 KB 9ms
8ms Other
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5076045357e412b65d91f7542e48dff8967cd56d65788573b4c557c712c947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BHAzV9JIJW641byOVyzIxz%2BAVw9T2mQFlWR8C1DbhTJ%2BrOef8kddJJjfJaV0L2qypJv9S05Up0s4eQsanBfOMTY9b8HiHQ4%2BA7lYsAe93mnkVLYZtl9LQzGq%2Fi6nn%2FQ07RLbpVVXtGvpz91bo5qHjXQ3kCU9fI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400, public
cf-ray: 7d5eb672eda7e082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 a01b5086.js Show response
www.redpacketsecurity.com/wp-content/uploads/caos/ 223 KB
79 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ae1eba333cd32d7950624b7692db45b1d3b7e04330079c2bf844f07552914f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origSize=228980
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 11 Jun 2023 18:04:12 GMT
server: cloudflare
etag: W/"64860c9c-37e74"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwagZnznms1nK8NAvHmib9wqYYoDlbZiU%2F6PXH9g1TCBnvntg%2F%2FZSz%2FqcJOufjx7Pn6ST5PaIJXyYB6df%2FBuTl%2BzLMnsZ3hUNzZMQR1fh%2F4XI18IsjBVGKWVV0f6phuJSq%2FsmPqn4XoKPyZjX8IcCmUyPjTQsoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
cf-ray: 7d5eb672fdb0e082-NRT

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 78ms
38ms Ping
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GN0W0LT7ZX&gtm=45je3671&_p=1928575094&_gaz=1&cid=1412900312.1686537455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686537454&sct=1&seg=0&dl=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&dt=BianLian%20Ransomware%20Victim%3A%20Aarti%20Industries%20Ltd%5B.%5D%20-%20RedPacket%20Security&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.site_speed_sample_rate=1
Requested by: Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.redpacketsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 35ms
35ms Ping
text/plain 2404:6800:4008:c13::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GN0W0LT7ZX&cid=1412900312.1686537455&gtm=45je3671&aip=1
Requested by: Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.redpacketsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7d5eb66c2cacaf4c Show response
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 01AD 2 B
665 B 23ms
23ms XHR
text/plain 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/7d5eb66c2cacaf4c

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xupqQFLQO527u2JU%2B78eqwVgXsWFajeZZZwPAt%2BfHK02q7up4OsLmXRpz3p09TBSR%2BhVOfoCOD2hDTHYennfhW%2FzT0xs1Mjg2ULzBQOZbQXUk9oEcRtV%2BFSbQYKq7MSJvhJzeqaEWZvrP%2BYuj7Fny%2F7YnvI%2FM78%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7d5eb673fe90e082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ 352 KB
118 KB 154ms
113ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2df8bc14a52b6bed030af117677683505692552d773a07b0bfc2ac6c3bb181d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121038
x-xss-protection: 0
server: cafe
etag: 16311257805436999067
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 5C9F 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 46194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:47:40 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 13:47:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Redpacketsecurity-small-logo.png
www.redpacketsecurity.com/wp-content/uploads/2022/08/ 9 KB
10 KB 12ms
12ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a374b168f61d41e1a7feb4a88f4cb9f2bcd169f21ec8ec9b4e572d4130ffb3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origFmt=png, origSize=10327
content-disposition: inline; filename="Redpacketsecurity-small-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9552
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Aug 2022 19:27:12 GMT
server: cloudflare
etag: "62f2b510-2857"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBoRHU3dfiPBTwI3UT1idup7jFYo14DGg8s3bPbhDM7z0b2GAu%2FNmlCSE6D8UE2ct3%2BaOTYN8PatFCtPywDbmhXWX228SEVaShPBcBrfaiLHAAKs2tibneXR5InhEMlTF9hBnLBighfuEeYFX4RgGQy0621cT3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6742eafe082-NRT

GET
H3 200 BianLian.png
www.redpacketsecurity.com/wp-content/uploads/2023/05/ 2 KB
3 KB 14ms
14ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/2023/05/BianLian.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ff3f9235b24e79887e1ec7b87fe275014505d566f5cfe7b5fb790426e2ccb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origFmt=png, origSize=4124
content-disposition: inline; filename="BianLian.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2042
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 17 May 2023 18:29:53 GMT
server: cloudflare
etag: "64651d21-101c"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iPwp%2BaoIrHyO41qgnAYxdo3wsTp%2B%2FFAp0z%2Bi2jYLyDOLMBEyvjg2mBvGzWs1%2Fc0ZmfhK2bWsaPnKMgQ5rn1zOYyc6KzxS0e1emfy2eC1l6SwUmK0oAD5nRPwcLlaRpqTg53su%2BZA0v95wxfgivDfbK%2BDEcahKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6742eb1e082-NRT

GET
H3 200 smush-placeholder.png
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/ 136 B
800 B 14ms
14ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/smush-placeholder.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae394bf43bc39f7c6b3f439de04f6b75288d849a0ecae5000a2452546063647c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1547
cf-polished: origFmt=png, origSize=995
content-disposition: inline; filename="smush-placeholder.webp"
alt-svc: h3=":443"; ma=86400
content-length: 136
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 09 Mar 2023 13:50:19 GMT
x-accel-version: 0.01
server: cloudflare
etag: "3e3-5f677ece9b5e4"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX6bfK29DIpybPx90IOLMR3SSTuo9F%2Fo5Pf5rNDKfAsVqOnNVJD%2Fwt1d6x6VJKGNwSu7dvEDUmapa67wnSNrquLWXLpekLGrNIVVbdkH%2FzHjXngP86GUtAWW9x2I0IjxxwDKpJIx072Ijz28qIC3ouK9rUXqNJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb6743eb8e082-NRT

GET
H3

200

invisible.js Show response
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 01AD
Redirect Chain

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

26 KB
12 KB

7ms
7ms

Script
application/javascript

2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Protocol

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90e72456d477c3d7038c05025917c24c4bdd847ab3d293617beadc72fdd0515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy%2FyCwpGFtYYqLzvC6rXuDzG%2Fz2DGBeaQIqizX9C%2FQYZd3McsN4kI16TKFUYWAqwqqQocc3%2Ff2l%2Fz5Y3aNHsP2cnNZjR0kiKE%2F9qS0tFBBeko5ZPApOh7U9TVUOSSCfVqn0XEAyYJeLHb1HRToPM0WaowxUCdlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400, public
cf-ray: 7d5eb6745ed3e082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 12 Jun 2023 02:37:34 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=1BOZH920rAk2I7PNsHug5lttLg1_N8onvRhUOkQdXlo-1686537454-0-AQ6W4x8LAxDvzEwpljz1xMO00kpTgcFkzJHCcIH-BrK-E3ojN8adaoQflkS3hYcvMPcx6bskblaeOObdxKn-XuRgu3cFInQ7sZBqTnqnf6oP2nVYyg3iW_schPGqJ3cQqrQn2uUB8aZSBlbrKmkoRbsoDmIdt4non22hvsQJHRxW; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AruNh7TwERMUEPqtRMJo5jkV8qp3XqK9bd5TQOe3QR0DKGVPWWQxRzy6U4WHyS8hulVMU%2FLdMHHV10Co7Z0JdXFu4MpMnNIbuHdvOq1Ig%2F62qZKV9czq84a%2BWXiLWRzLOBFS5Mzy06Gnfel2tXvKN3FHcN9Gi%2Bw%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1BOZH920rAk2I7PNsHug5lttLg1_N8onvRhUOkQdXlo-1686537454-0-AQ6W4x8LAxDvzEwpljz1xMO00kpTgcFkzJHCcIH-BrK-E3ojN8adaoQflkS3hYcvMPcx6bskblaeOObdxKn-XuRgu3cFInQ7sZBqTnqnf6oP2nVYyg3iW_schPGqJ3cQqrQn2uUB8aZSBlbrKmkoRbsoDmIdt4non22hvsQJHRxW"}],"group":"cf-csp-endpoint","max_age":86400}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
x-frame-options: SAMEORIGIN
cf-ray: 7d5eb6743ebee082-NRT

POST
H3 204 rum Show response
www.redpacketsecurity.com/cdn-cgi/ 0
148 B 4ms
4ms XHR
text/plain 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.redpacketsecurity.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d5eb6745ed1e082-NRT

GET
H3 200 pica.js
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 01AD 6 KB
3 KB 15ms
14ms Other
application/javascript 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54826428adbe541fb39a159db20597f8813db78d227cffdab46bef540a620d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:34 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BLADQyj1CAr0KjlFkY5%2Fftkn%2FlU7SLCaWW3gNePZVn9Gs1d2c3otMg97RMuQQMowDE%2BTtkHZS8V2hGkiDV0geuqVSPa%2BhZGRm6a%2FmDIxWDlxvJwC0DJXm%2BVCpCpI4CRfhW5m4iI%2BCZ9vqTizoAm0%2B3szGleA4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400, public
cf-ray: 7d5eb6747eede082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

POST
H3 200 7d5eb66c2cacaf4c Show response
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 01AD 2 B
655 B 16ms
16ms XHR
text/plain 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/7d5eb66c2cacaf4c

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt0%2FJrfSW2zxn00ATS5zVdkbqjMPzXZFdwwcxrfJYGFS1OC4MPlDlexpvMXTbQQTr9PlQVmOwbguyIIQZgnkGtOaNaQvwtFf3EVzmhrwh6FXsDPpThlttetjeDsIEhfJjQLmon2oyELAIokYCLCtGbdFE38Kj4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7d5eb675afdfe082-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
612 B 120ms
38ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.redpacketsecurity.com&callback=_gfp_s_&client=ca-pub-1536334219562771

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc8518bf8439b20a3dace51be9b6c980ade81ff57cf467013548733c18b17480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 82ms
39ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&cls=cookie-revoke-hidden%20cn-position-bottom%20cn-effect-fade%20cn-animated%20cookie-notice-visible&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A9D 323 KB
78 KB 394ms
393ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&lmt=1686531280&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537454727&bpp=3&bdt=484&idt=283&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4875313347359&frm=20&pv=2&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dfc1b89c42f67418ec08717ab3a9e91b45c6771622ffa3b94f9cbac9330da15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 79509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
60ms XHR
application/json 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f0f7a83ef1e608bed852e6812a2afebae08c6be3d062b532a659b8de238fb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11130
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
76ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF71 13 KB
5 KB 7ms
2ms Document
text/html 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 144684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 10:26:11 GMT
expires: Sun, 09 Jun 2024 10:26:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E29 783 B
536 B 44ms
42ms Document
text/html 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d11c04b9a25d6ddaeab8145ee2a052076a0f1d50d04598a6f1658a4a45f1ef3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z83Btpw0g0W1ePHYuZFbJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Z83Btpw0g0W1ePHYuZFbJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
expires: Mon, 12 Jun 2023 02:37:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame FF71 38 KB
14 KB 9ms
9ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 16:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 16:38:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E29 0
0 44ms
44ms Image
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=3968091635056483&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF71 0
10 B 2ms
1ms Image
text/plain 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HL2-oQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ 152 KB
52 KB 71ms
71ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e53a607f99a301fa57d863f848fb1fcfa2cf122c593ca0e193310c8ee12290cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52921
x-xss-protection: 0
server: cafe
etag: 1316195584445057577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 41ms
40ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 654C 92 KB
29 KB 386ms
386ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7220e2aa2d1ec035108e72eaf049bb2cb8dbbadc6aab2e3f30151d3f22ce529a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
41ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame 65A7 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 58221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 10:27:14 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 10:27:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame FDC2 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 58221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 10:27:14 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 10:27:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 65A7 4 KB
1 KB 78ms
39ms Stylesheet
text/css 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 00:45:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A7 205 B
651 B 43ms
2ms Image
image/png 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:30:14 GMT
x-content-type-options: nosniff
age: 104841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jun 2024 21:30:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A7 604 B
696 B 43ms
2ms Image
image/png 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:00:01 GMT
x-content-type-options: nosniff
age: 106654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jun 2024 21:00:01 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 65A7 13 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebdb9e520559d8729e2d5497e1e3161033513af76c836fdb095dbb146acdad70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 06:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5918
x-xss-protection: 0
server: cafe
etag: 3124426376131173928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 06:29:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 65A7 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f39d54e71a3c475b8a65cdcdd903b249e8b8a4538f6c8f0b1f8b3c34a093302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8493
x-xss-protection: 0
server: cafe
etag: 12780958209750988066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:09:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame FDC2 23 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:42:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B81 143 B
166 B 5ms
3ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 67
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:36:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 80F7 247 B
869 B 90ms
42ms Document
text/html 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 East White Plains, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

dd01b44a16da58d8cb7a40e2a2605a4a840a65c709fc90cb11a3c90672bbe305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-eEz9_VzMeBYMFGxakKTkGg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame FDC2 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:37:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F3C4 1 KB
643 B 9ms
9ms Document
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 12:01:00 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 12:01:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame FDC2 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 200 16252254124860652908
tpc.googlesyndication.com/simgad/ Frame FDC2 20 KB
20 KB 3ms
3ms Image
image/png 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16252254124860652908?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnGSCgxzZITtzZaxXrct7D4nAAHiA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c428ec8bab5072095561ce4518acc55b8b784e939e6f2b60e954d09f93b608b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 17:03:21 GMT
x-content-type-options: nosniff
age: 466454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20814
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 08:42:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 17:03:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FDC2 0
0 39ms
37ms Image
text/html 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmGyplmaJ5_XEBCOxWFypGzL9i84rzhMconCg_1hErFo3U2yRiycTbl8K7w0iXRvFHyRRHq273pptc56tmkv_e2qzVQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDC2 175 KB
55 KB 101ms
57ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame FDC2 32 KB
13 KB 4ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61714ff9efa2565e30df83af80ba631380a284a0a5c7f047d26c339e400d50fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13350
x-xss-protection: 0
server: cafe
etag: 14641455366424605509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:09:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B81
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

74ms
74ms

Document
text/html

2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
expires: Mon, 12 Jun 2023 02:37:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F3C4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1&google_push=ATf1kGOjT_qL5WByzWFuIrSaBVcbAp08XUIf83cVMeY04zYaqdjxwDtWzN542fm1D7_d6pJHlwRNec04HgTUFb67L6pwBA8wEYapQQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNDU2Mzg0MzI3Njk2NDEzMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1

43 B
398 B

56ms
48ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=732a5b83c8271b39&is_secure=true&networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGPk1I8m...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANPxci67m3fwNIc9k9AAAAAAA&expiration=1686623855&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6f...

170 B
188 B

43ms
42ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANPxci67m3fwNIc9k9AAAAAAA&expiration=1686623855&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_XibvURiWzMK9aticZ72v0j9hA61hfEtWILew2VIix7JAhWZQ

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANPxci67m3fwNIc9k9AAAAAAA&expiration=1686623855&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGPk1I8mZ1E6E2QVqDyRHoJpOMjLePAPwN4yYHkH2lZTLHUEHD_XibvURiWzMK9aticZ72v0j9hA61hfEtWILew2VIix7JAhWZQ
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHqSWhcP-z4wsejLRRcLdLM&google_cver=1&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGRys216jiM&google_hm=eS1QTUw5NF9CRTJwR2R...

170 B
243 B

44ms
44ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGRys216jiM&google_hm=eS1QTUw5NF9CRTJwR2R2LlRmZ1JJZFl1T29fLkJlelgwS35B

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 02:37:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNhAD_a3bHroNIwJqojJ3RS-YJDxd7sR8i-3MxBEQgQBpMNX5RfCzRGjbTZ3SpgrW_N4IpFwCn6bEBFEXAaXvs-QGRys216jiM&google_hm=eS1QTUw5NF9CRTJwR2R2LlRmZ1JJZFl1T29fLkJlelgwS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDkrwCE5pnghuTdVn_XYLQQ&c_param1=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ

170 B
188 B

41ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOUr4HWDuZPAzXcaZqRz0Bkxsjc0vNuKcHRUKfcNf5K72REIhW6zuf0tigseef9YzHhaXIo6nSLIZ7Fakg5mC9vHG-focvEtnQ
date: Mon, 12 Jun 2023 02:37:36 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkK...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkKTFYgV25KgqbQNS0JvI9cjbFFykYDUSKK9A6Di7q92vJrBI&google_hm=QlMuY2Q0MC04MDh...

170 B
188 B

45ms
44ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkKTFYgV25KgqbQNS0JvI9cjbFFykYDUSKK9A6Di7q92vJrBI&google_hm=QlMuY2Q0MC04MDhiLTQ1MGUtYmU1NQ==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGNbdL10Kv3LGCIDbexFZHVlXSH332x1o6zDZZngnrgoNTMr6UCkKTFYgV25KgqbQNS0JvI9cjbFFykYDUSKK9A6Di7q92vJrBI&google_hm=QlMuY2Q0MC04MDhiLTQ1MGUtYmU1NQ==
Date: Mon, 12 Jun 2023 02:37:36 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame F3C4
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESENhOt7scmNUrYjOsC_2fnAg?ext-param=ATf1kGMm04VhFQOiKdNiDTHe722ImgrI_Gr2-FXnypSULk6hHjNCbnPkfUbb-goMwnmwfptpfpeN1YKDktEnQcPEZjW5dPZJcnwMOMcB&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESENhOt7scmNUrYjOsC_2fnAg?redir-setuniq=1&ext-param=ATf1kGMm04VhFQOiKdNiDTHe722ImgrI_Gr2-FXnypSULk6hHjNCbnPkfUbb-goMwnmwfptpfpeN1YKDktEnQcPEZjW5dPZJcnwMOMcB&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESENhOt7scmNUrYjOsC_2fnAg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

277ms
277ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 27 May 2024 02:37:36 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEMh62hsKs2peAGmMSUfnjmY&google_cver=1&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu9h6JC42&google_hm=cdda89a52d...

170 B
188 B

39ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu9h6JC42&google_hm=cdda89a52de1959575c64bc507a28d0d

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMCcqvUP6r39ZSMQ-OAN-49oucYSM_QXCEo5CfLWniyl3Jlieocjls5bGuJ8BDfM8btQAqt4n2Rzjl2UtAnbETFTBTdu9h6JC42&google_hm=cdda89a52de1959575c64bc507a28d0d
date: Mon, 12 Jun 2023 02:37:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F3C4 0
130 B 88ms
40ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEUxrMmeDodv81VY9pcdu8Zkhejc_oL_buyXw2K3UVH_IghdxbMEN3ZKGEUDO_hE2LDdarfx-c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame E6B8 14 KB
1 KB 41ms
40ms Stylesheet
text/css 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 00:45:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame E6B8 2 KB
892 B 2ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame E6B8 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:42:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D58A 143 B
166 B 7ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 67
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:36:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame E6B8 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:37:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9475 1 KB
643 B 12ms
8ms Document
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 12:01:00 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 12:01:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame E6B8 20 KB
8 KB 3ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6B8 0
0 38ms
37ms Image
text/html 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcIKyVA3VYQuigRQ1wDPlsfy14S8CKTkQpLYwATlYaUZOmZKWtp2Po07ML2EfowopBu3Ctkk0VaI-PQCK0BX5EGrRSNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6B8 175 KB
55 KB 85ms
83ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame E6B8 32 KB
14 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:07:14 GMT

GET
H2 200 iframe.html Show response
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 80F7 5 KB
2 KB 41ms
40ms Document
text/html 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 East White Plains, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

64cc443e385a65550e1d76d72d2e27cf231115599ad58b9ae3ca24a0df0fba09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-_sxORRIfhInWX8h7e8D1RA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D58A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
expires: Mon, 12 Jun 2023 02:37:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9475
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1&google_push=ATf1kGNwYYpkB05fBe4xDSuE16EJmNSokr-lZyw68yxDIbvr3W5XlwJ7Pb3NfRJitM2yJBWjAN3VGOM2WvCYJDrMfZvrpzRKPEArSQw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNDU2Mzg0MzI3Njk2NDEzMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1

43 B
398 B

49ms
48ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE-LmK2hYvPe9vURb7vouZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB_8BD7_zJUwrRJZFCZ7uNA&google_cver=1&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJvhsMKgPhQCmYwwWasUsruTg&google_hm=D5NTwm59Rj-ddbq...

170 B
188 B

41ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJvhsMKgPhQCmYwwWasUsruTg&google_hm=D5NTwm59Rj-ddbqe8Omu2Kc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ATf1kGPITfZFcJmtyIiZTr23vkUHFQxXJpMdy6r8pQuRUHfvqUXit56CBdZlU7Mpnrha4W2AfJ4NYcJvhsMKgPhQCmYwwWasUsruTg&google_hm=D5NTwm59Rj-ddbqe8Omu2Kc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEDioDaMiM31EKiMAYhhvMpo&google_cver=1&google_push=ATf1kGOe8-3iuV9hv_NuEj0lqpMlVAC2wuqQmGzzFcpJn4lluav6njM8QEPKLVGbBvxsBqk2IY7eESwsavOck9EYALLanyLP2a3OZjY
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUU2NzM3MDk3QTNFRTk5RQ==

170 B
188 B

39ms
38ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUU2NzM3MDk3QTNFRTk5RQ==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUU2NzM3MDk3QTNFRTk5RQ==
date: Mon, 12 Jun 2023 02:37:36 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE94cj-D8pZTfk7jNdnb_LA&google_cver=1&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE94cj-D8pZTfk7jNdnb_LA&google_cver=1&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNzcyOTYzMjQ4NDExMTMwOQ&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCt...

170 B
188 B

41ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNzcyOTYzMjQ4NDExMTMwOQ&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttbbl1yhYQBrCrHhry_Ds-smKc

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNzcyOTYzMjQ4NDExMTMwOQ&google_push=ATf1kGNT0x96qawv0pCd-gb9-LrDibjwgx7Uk0md52jY9yQq6TBe7xr1RweSm4glGNMCT-wg9lXuCttbbl1yhYQBrCrHhry_Ds-smKc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9_EwnJK2tVblew5njbHGLhuYDjvLbQfALABegVwCbrWXY-OJ&google_hm=QlMuNTAxZC1lMT...

170 B
188 B

40ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9_EwnJK2tVblew5njbHGLhuYDjvLbQfALABegVwCbrWXY-OJ&google_hm=QlMuNTAxZC1lMTc3LTRhMTAtYjBlMQ==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOWua6zHPWOEt339cLHBPI66ga4E0-nx393HVqNCakggxNHE-hI9_EwnJK2tVblew5njbHGLhuYDjvLbQfALABegVwCbrWXY-OJ&google_hm=QlMuNTAxZC1lMTc3LTRhMTAtYjBlMQ==
Date: Mon, 12 Jun 2023 02:37:36 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDxh8btcjePf6QQMvdIiQDA&google_cver=1&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggq...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEDxh8btcjePf6QQMvdIiQDA%26google_cver%3D1%26google_push%3DATf1kGOVAaaINk4TwPxaDz...
https://rtb2-useast.e-volution.ai/sync?adkuid=A5443252895014232376&exchange=193&google_gid=CAESEDxh8btcjePf6QQMvdIiQDA&google_cver=1&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU0NDMyNTI4OTUwMTQyMzIzNzY&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOgg...

170 B
188 B

42ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU0NDMyNTI4OTUwMTQyMzIzNzY&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU0NDMyNTI4OTUwMTQyMzIzNzY&google_push=ATf1kGOVAaaINk4TwPxaDzY6ZVZ6Qh6cX38qmudTVX65eT6J8k8A9JYw7em-8HDUvg6J_CfL-iKiOggqa3br09S6Yik4FU3Nn8axzhFx
Date: Mon, 12 Jun 2023 02:37:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9475
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENKTCyG6vXrQBVKePsUxVbo&google_cver=1&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXh...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENKTCyG6vXrQBVKePsUxVbo&google_cver=1&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXh...
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg&google_hm=NDJ6OUNmdDh...

170 B
232 B

43ms
43ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg&google_hm=NDJ6OUNmdDhZMlM=&suid-set=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 02:37:35 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ATf1kGOJuROC0G8cpC74ncJv406VWQcGtB4n9vjY57jDHPeed58CaWt3QgrDLhXhfSBov82YIk3FN1Pa-RIQgdHeckSwig4gKAmiEhPg&google_hm=NDJ6OUNmdDhZMlM=&suid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9475 0
49 B 39ms
38ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7nQFVsO04YL8f1E4uKHLGhVaaPpCuLhV8f5dlw7yiQm8F31pY25AhzLUyolYLzJHOUYRLRBW7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=3968091635056483&bg=!BQalBlLNAAaGYqkwpmI7ADkAdvg8WtrJGCmKA8woTuZTTngV5gnlDHEszTNvv-0tDIwnlzQpnCa_3MnqL-uKg0GaBaeTqqcJDhgCAAAARlIAAAADaAEHCgB-TNQRUwWC6VUFSQLSf5IJPxgGdw1K_nM2zQoFg3JAYQGIAiwNPsW8-F_5p00Sccenzg2R8FZ6YJ-vV9PMagVZWZdPlKcbTbd2G_Z5_dnhJSosQO6SgMAeuGT3xfUfOe4_mwu65ZN0EnBZIVLmt056XZhXbt2O0_UC4AIXKTTbmQLZXFcNI7BWk1pTX0wy3XBj-P8jnOf0t5ka1aTgontw9-yAG3-55jXZx10TqBzuczHc4DVGA5mCIcHJybxAswT02ZRcGhzju3q0MofFrcIoerN8ivrAUKdv176Kz19LSR9qjtSUXtScVbcB8Ej0PbfemNUo9CueDgjRBcl1Zd87FxImLAU5hqUciSOtu7-M2q0PH4x3GlpfhbkcJmxUQs7YD0dZvaggYAVPgcP-mJ_MN5gRGtsuX5lgtj3NuzrYYu9JAtzralaTdZzbUBX3mCDKY8yUKEDrClzI5Hy02GcM_XPoe4QqxMZI53De_7--O60NjHBn_qGL6zelMYefO-X-mvbIr7ardTDEy5VNE7BT1OpeVEpNTI65QngmjQ8vpvtbvqR_MDpdStoy0SWgfhqKGGCLt_p4q6IVzUdyp4ulqT_junuMGLCxSfOPZNxE0pTYTHSpGSbycw0kyBAd1xGAbVIJEWzCNUBpbBnRv-6zKQYGevVo8OuSsXSDf46kOXDAchHgj4AOZ2IwX1GPDXFU74jNGrFcYGDR5pbR4sYaiI4BC-EbiNaimh9Iq57ztHo0HUmJRHgtP_khAaNzOkCkZuvh84suGZXn6c8wZMQI5BN0hIEn3ztTKCr8cF8MJ7lL7Gtf8XmutVRQDT1LYop4nhJmP2CBuXD3crLfwPsxxmZDmCsL0AcKRb3lPX7A6YA9PiSeR5tR_G99ssffYfXGslkkp9hB-nGKdU_TVxHPvWU6BdwtcYUmj7t2ZUqOEOnWUouERhrmyMVH5McIPjIV3PsL4qILJWGFLP4vmG4qWZBkKTPr_-Z_MCti2OuVK2jxYbFCIQWL-Z7rWDZGQJC3X0dAgeloymX7THkZOG3JVaC8UGb_QhxJOkJqzmQtSwhbvCsfqR9Sb2w1JJg7ISJorQCi7sLMsMOzX6uvhEyC8eAnHluwMNnMkG-P0aHR1JmExGRr-kJ5YImu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame C1FC 38 KB
14 KB 11ms
10ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 16:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 16:38:40 GMT

GET
H3 200 fe45c9c91f95c633caaca753c989e180.js Show response
www.gstatic.com/mysidia/ Frame 654C 8 KB
4 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe45c9c91f95c633caaca753c989e180.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b345fde31f15371cf81048929c2bdf135b73f474b56e5fd47590935aeff55786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:19:13 GMT

GET
H3 200 2333a2bf7b89f6733c32260158039db2.js Show response
www.gstatic.com/mysidia/ Frame 654C 9 KB
4 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2333a2bf7b89f6733c32260158039db2.js?tag=text/vanilla_highlight_ms_hotfixable

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e43541a30b88b946e9520e3a043036da3fe2df68d2e1d898eace83da7d81c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 03:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3893
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 03:32:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 654C 14 KB
1 KB 43ms
42ms Stylesheet
text/css 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 00:41:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 654C 2 KB
892 B 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 654C 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:42:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 654C 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:37:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 654C 20 KB
8 KB 1ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 654C 0
0 38ms
38ms Image
text/html 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD5AFQ_FjRJ3N93LWE8cBGu_DpamOghC2rUff-vN2i8b4A2M0u7Um3xl4Uafz63aCVssOL0PUSu3QRsog2DB-uAbNKXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 654C 175 KB
55 KB 54ms
53ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:35 GMT

GET
H3 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 654C 32 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:07:14 GMT

GET
H3 200 buymeacoffee.png
www.redpacketsecurity.com/wp-content/uploads/2022/10/ 22 KB
22 KB 196ms
196ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/2022/10/buymeacoffee.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618166e642d86cec199cf15956b7ba79dd256e2a4073fd434c65df2aa50d62ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=25283
content-disposition: inline; filename="buymeacoffee.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22162
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 17 Oct 2022 19:10:30 GMT
server: cloudflare
etag: "634da8a6-62c3"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJPAzmta%2F0NsYtcllVOSnF1cr2OlrhXleddSGZuMOew5guJfcVtcGFCglnArd6MREw553zOyqVZ4An91pbMKDJIPzW95IOuBlfqvJ3x5FT96y8Uh%2BDKM8HOorxblBRV3Ucr9DcJvhNVNDbPBNVReV9DMHtK3YP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb67bcd6ce082-NRT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17647145883080398077/ Frame 654C 1 KB
1 KB 6ms
6ms Image
image/png 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17647145883080398077/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d4a2557eac67dd95aeff1dbeb60c139028083b443bbd82c2359a0dec6dcfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:19:27 GMT
x-content-type-options: nosniff
age: 40688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1111
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 02:19:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 10 Jun 2024 15:19:27 GMT

GET
DATA 200
OK truncated
/ Frame 654C 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 654C 0
0 48ms
48ms Fetch
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaC5c74SGZJLOIZquvcAP_e2QsATagriAcY7A8IWDEdzZHhABILWvoCdgifPFhPQToAGrtPPtAsgBAakCL7b7ILPSgj6oAwGqBL8CT9DzTFF4907bhksx3d0e94pl5urp1Lw-e_Vim1HIikHRdthc3yIhIStdh_a6EskQ9J-tUtPLcIQPYvYi07oUFTUupgHnSc6oZUF-3aHOUNDA2sNvtevpSkJ_SnSYKTPzGB3kWhINQBbioV6iUBurM3hJnmfDyO1-5vxdn-4NxwJwfgjAtOKhRnOezIt2uIGPrT-5jF5XKxtiSy96FfTDBSLDoVZqCJaD7wRZqJ77ZqsHT2F94qK_dCZdqrIzbIDsZoBb3XeQJPx8GePXmIibIxZcTPWDKBngs5RPhX-QAalopZJLA8w3jctlFdlZXS0fHjhVySHKpW0sJ7rRNxNDnG4XLvnaURbtjzLeS2URtWG2QdVJcQxr5yhNUECnZUX5utQyj-5Vp_mOCrBIkgLY2Ov6Hvo8HZf_6IVOhVVZgsAE_Nizk60EkgUECAQYAZIFBAgFGASAB73LjJIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQxlbSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xNTM2MzM0MjE5NTYyNzcxGAA&sigh=JDiUuBFNVyw&uach_m=[UACH]&cid=CAQSOwBygQiDMqBGkQBrtE57hwbwcq7i1bQMdONg5Y08z6RFOK5AmgDLdXSSLHQ61S3tm0xDHrR9YDtJ6QfUGAE&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Jun 2023 02:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4458 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 68
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:36:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEEE 1 KB
643 B 10ms
9ms Document
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 12:01:00 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 12:01:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A2D 38 KB
14 KB 10ms
9ms Script
text/javascript 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 16:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 16:38:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4458
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
59ms

Document
text/html

2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:36 GMT
expires: Mon, 12 Jun 2023 02:37:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 654C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ae43bb38638ecafbacb8b426d1850ea707d5249c9158dc8980a32d720d34090

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEGZlBc6e6zP46Mi9f8NQ6hw&google_cver=1&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3ofuX8qLZ_azDa5uqO-Osg&google_hm=WVpKcmhjVGthOUlz...

170 B
188 B

41ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3ofuX8qLZ_azDa5uqO-Osg&google_hm=WVpKcmhjVGthOUlzSHZkNm90ZXo5VE9BdllF&from_google=pc1

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 02:37:36 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGP0-ovPZcx63zaZJok0k5hOWyaXnx4zxNQiloEyJfGLhrH_gK1E4Zy82gp254Yb6vnApX8UeU1SP3ofuX8qLZ_azDa5uqO-Osg&google_hm=WVpKcmhjVGthOUlzSHZkNm90ZXo5VE9BdllF&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEM_-Vq_5lNpPXiMuvOks8kc&google_cver=1&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOl...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOlXW_YO-Q

170 B
188 B

41ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOlXW_YO-Q

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGMpo_Y3V473jOtD0rWXo5wAS6lDr_7oOaHQaU19ThU_Bb3ZFjPLtdnwDkD--iV1u7qteT9QoMB4DePog7XyhRlIzLOlXW_YO-Q
Date: Mon, 12 Jun 2023 02:37:35 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEDioDaMiM31EKiMAYhhvMpo&google_cver=1&google_push=ATf1kGOUGzToWkf9_j7bfQ5C5vXOwzQ13A50LRue-V6sJUNRvM19v2JH0ZB7mC2JDpJNpCH38-ELEmzrJFGqDokErzPo0t8_aXgSbA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkM2MjZENjc4MzlGRUJBRg==

170 B
188 B

40ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkM2MjZENjc4MzlGRUJBRg==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkM2MjZENjc4MzlGRUJBRg==
date: Mon, 12 Jun 2023 02:37:36 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEA4vCVFC9LhbYaSRYtiE_YI&google_cver=1&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJe3FCcsT0BRZnj6Rfw
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OEZmOE5SRExEREthQzBaMDhJU0daQQ%3D%3D&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJ...

170 B
188 B

43ms
43ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OEZmOE5SRExEREthQzBaMDhJU0daQQ%3D%3D&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJe3FCcsT0BRZnj6Rfw

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 02:37:36 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OEZmOE5SRExEREthQzBaMDhJU0daQQ%3D%3D&google_push=ATf1kGOoerMNEXi6tlDj1fh34aMGZ7-jcL9LBncBKTPTQFAhtvuIRVROwojIb74pAyRRJ--QrDVc2BQEI51MJe3FCcsT0BRZnj6Rfw
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 245

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEC2n0OQLlxp30OUfoOpcyxE&google_cver=1&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPw...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPwAk_vss...

170 B
188 B

41ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPwAk_vssUlER0llqzI

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGM0nk43QAONhpQ_IjcAkItY3S4MI_TuZ2Iwd0YKw0pzS6Qw6Oa-76WxllYmu5wCLq5yPSJko5KsgdzkYPwAk_vssUlER0llqzI
Date: Mon, 12 Jun 2023 02:37:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEEE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJjwJ9av6Skhb9H7wtg1ziY&google_cver=1&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691Fwjo...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Yj_aq_bGVy5_K7TD6xHUodmK_Kc&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691Fwj...

170 B
188 B

43ms
43ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Yj_aq_bGVy5_K7TD6xHUodmK_Kc&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691FwjoMaxJnwWvFf-oYoQs

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Yj_aq_bGVy5_K7TD6xHUodmK_Kc&google_push=ATf1kGO70bkHMchIqmEJ74Gg6owG_eteS_NTo80X_EqI1Q1Nw0THm3mFqTton4X7r_Bahp14BDMwYzmi691FwjoMaxJnwWvFf-oYoQs
Date: Mon, 12 Jun 2023 02:37:36 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2

200

report
sync.teads.tv/um/ Frame FEEE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL8h4P8Ow43jwbI6Rr2pN6c&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YmZkOGFlYWMtYmVhNS00NzBkLTk2YmEtNzMwZWEzMzViYjcz&google_push=ATf1kGO-9S9aJAtAshGfIcNpzJJMLwqLLNozy1CiCuO5f762rQqa40R5TrY_Zkni3jsKq...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

5ms
5ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455512&bpp=2&bdt=1268&idt=2&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0&nras=2&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VAfUVUbrSo&p=https%3A//www.redpacketsecurity.com&dtd=9
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Mon, 12 Jun 2023 02:37:36 GMT
pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FEEE 0
12 B 42ms
41ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaZl1zEQt7_J4fmYBR_kEjb3RZyjg5UWyiu_r0Uh5k6-H43O9B_48yIecgcynqMhysq6-YCQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 654C 33 KB
34 KB 64ms
9ms Font
font/woff2 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:18:19 GMT
x-content-type-options: nosniff
age: 458357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:18:19 GMT

GET
H3 200 Digital-Patreon-Wordmark_FieryCoralv2-1024x209.png
www.redpacketsecurity.com/wp-content/uploads/2021/01/ 9 KB
9 KB 205ms
205ms Image
image/webp 2606:4700:20::681a:25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redpacketsecurity.com/wp-content/uploads/2021/01/Digital-Patreon-Wordmark_FieryCoralv2-1024x209.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798519ce47ff93dbb094e3bb3ee857bea4dfd1dfaa919bd0f3ea2a91479bec9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.redpacketsecurity.com/bianlian-ransomware-victim-aarti-industries-ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=16043
content-disposition: inline; filename="Digital-Patreon-Wordmark_FieryCoralv2-1024x209.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8722
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 03 Jan 2021 14:16:16 GMT
server: cloudflare
etag: "5ff1d1b0-3eab"
expect-ct: max-age=86400, enforce
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BIY%2FZPqV34Ou8jtKXPWPdFnaZM9%2F4SuJ6x9A9enHJ6191gwf%2BfJv0kE3mIUKHXwZUat1fR4EJe0xhmY65sGEye8akpbjBrC5aJ5Gjk4HoAL%2FcApdoUynJtgLFSgc3Kbdg73l%2BKDe8oAbQ4d1bQF8rYZZAkvc0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7d5eb67e2fa3e082-NRT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
39ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C81 94 KB
29 KB 166ms
164ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee16350017774ac586d5887b1981b0cc5f12cc047ee43766478d72cfc1a34a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 02:37:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fe45c9c91f95c633caaca753c989e180.js Show response
www.gstatic.com/mysidia/ Frame 5C81 8 KB
4 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe45c9c91f95c633caaca753c989e180.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b345fde31f15371cf81048929c2bdf135b73f474b56e5fd47590935aeff55786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:19:13 GMT

GET
H3 200 2333a2bf7b89f6733c32260158039db2.js Show response
www.gstatic.com/mysidia/ Frame 5C81 9 KB
4 KB 8ms
6ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2333a2bf7b89f6733c32260158039db2.js?tag=text/vanilla_highlight_ms_hotfixable

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e43541a30b88b946e9520e3a043036da3fe2df68d2e1d898eace83da7d81c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 03:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3893
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 03:32:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5C81 14 KB
1 KB 42ms
41ms Stylesheet
text/css 2404:6800:4004:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 02:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 00:44:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 02:37:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 5C81 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 5C81 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:42:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 5C81 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:37:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 5C81 20 KB
8 KB 10ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:36:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C81 175 KB
55 KB 78ms
71ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 02:37:36 GMT

GET
H3 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 5C81 32 KB
13 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:07:14 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1580156348053697457/ Frame 5C81 6 KB
6 KB 6ms
2ms Image
image/png 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1580156348053697457/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c936dbec72e3965006939c0bb6c05dec06a2bf86b307faf7cdd40f2af93561f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 16:58:48 GMT
x-content-type-options: nosniff
age: 293928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6122
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:32:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jun 2024 16:58:48 GMT

GET
DATA 200
OK truncated
/ Frame 5C81 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C81 0
0 51ms
50ms Fetch
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4fcN8ISGZMzCJYq-vcAP2-i78AGbgqvHcPqXypGoEfCz6tuPDhABILWvoCdgifPFhPQToAHtoPqxKcgBAagDAaoEuwJP0Nvxj1UcFTsT7EwUX1b6R8TF6ND9vhZUztTOj9YC10DBjKlaVbRlS-igzOFMYXLwvA6MSOZ2rqId-_lyXIO2hNFVt2I7xf4kQW3Iq-mb8E_aCOMy526kBFMI7rusEE0Zs6V9T8zN7nZgG4hLbNWeUyZzH4YDHSrGhjYZxQNpuMS5Uee4KxbepP_KmNRGUPkmNUrM51jYqJmKa5DVcwU8SOly2MDShpUmMLOt9CHoVyCbhYxxs2POyJL4nUQT02vhm135BtmTsT_1mEnNpLeLmecKaiH1uxiy0m2VAYrTCh9MsAlnffjUD1x0bqA8qJ7EIaLKMYsX7R94_DiRYuW71Tko9RTYpK9c7vlcyfSqwFfoXZzVzCzZcIcBg-w0hJ4StQpuPOv7mXveWLUgi3G2-Em_sVdchhtXdsLABPTQt-GqBJIFBAgEGAGSBQQIBRgEgAft2MqRBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENxW0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTUzNjMzNDIxOTU2Mjc3MRgA&sigh=logg4jBXptE&uach_m=[UACH]&cid=CAQSOwBygQiDJBxHzXEmKBUbJSOcqUhehz1BDqd6-NN3hKI9eUIWlx8uj1RgRG_xTpQiRtD8FFkDM49_uoNyGAE&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Jun 2023 02:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 686C 1 KB
643 B 9ms
9ms Document
text/html 2404:6800:400a:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 12:01:00 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 12:01:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5C81 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ef9b7d907461a6f31af3a5e95cbf4d62eba7e99ddb78a3d344edb7ff01ba4d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXq...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=563df0925bd920cd&is_secure=true&networkId=14000&version=1&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_cver=1&google_push=ATf1kGNCPbvf...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJq-lNHtT72QN4Gg5IAAAAAAA&expiration=1686623856&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6f...

170 B
188 B

42ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJq-lNHtT72QN4Gg5IAAAAAAA&expiration=1686623856&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXqnw6QcRkzq-Bwd58iGnrTrWKRsTmjpFSaANTSvg1WcdROqAJpj

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJq-lNHtT72QN4Gg5IAAAAAAA&expiration=1686623856&google_cver=1&is_secure=true&google_gid=CAESEKcAwkZt91_xVHG67XC6fBc&google_push=ATf1kGNCPbvfjO3Q9QuRlLG4Y2qI891Vc_ecEal4RslEnjbpf9T7zXqnw6QcRkzq-Bwd58iGnrTrWKRsTmjpFSaANTSvg1WcdROqAJpj
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOwOKpIF3jL0Oz0dk_i0e8w&google_cver=1&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3An2sRx2rGiY_JlTnEi
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7DD6285520D546F5BA39FC4E8F213912&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3A...

170 B
188 B

42ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7DD6285520D546F5BA39FC4E8F213912&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3An2sRx2rGiY_JlTnEi

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 02:37:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7DD6285520D546F5BA39FC4E8F213912&google_push=ATf1kGOfc3U2UVge-S5yKqhtNsqg4OfZ-Pu4I05mcwLkm_SLj13MKCoryVDoF91kwtyuonE_0nLI91X2iM_Nw3An2sRx2rGiY_JlTnEi
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 11 Jun 2023 02:37:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGPcM3-shv_QZteaEeur2s_SUHsHxZIUDflw7hYtSsrPZMZi74c8oPM88uGHCg7i78D3cdQHrpSr6HP_af_Uj-5lb3dwvguba81w&google_gid=CAESEMa0gzA5eJBgGEEqvXCJSa8...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPCJmqQGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BVGYxa0dQY00zLXNodl9RWnRlYUVldXIyc19TVUhzSHhaSVVEZmx3N2hZdFNzclBaTVppNzRjOG9QTTg4dUdIQ2c3aTc4RDNjZFFIcnBTcjZIUF9hZl...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwV29JWmV2ZUxmdzd2VUtxQ0RlMmFsMmE1M3hPcFZidW02ZjRmSUNUUms5UQ==&google_push

170 B
188 B

40ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwV29JWmV2ZUxmdzd2VUtxQ0RlMmFsMmE1M3hPcFZidW02ZjRmSUNUUms5UQ==&google_push

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 02:37:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwV29JWmV2ZUxmdzd2VUtxQ0RlMmFsMmE1M3hPcFZidW02ZjRmSUNUUms5UQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGO1DoYw...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGO1DoYw...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MTIwMjM3MzcwMDA3MDg1OTQ3MTM5OA%3D%3D&google_push=ATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDs...

170 B
188 B

40ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MTIwMjM3MzcwMDA3MDg1OTQ3MTM5OA%3D%3D&google_push=ATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDsmbAxocxP2uMANsXz2U95W8_qMh13RnihBD

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MTIwMjM3MzcwMDA3MDg1OTQ3MTM5OA%3D%3D&google_push=ATf1kGO1DoYwrxmwGosOOQqxdCwwM_n5LVnkX64aM1UhXB6-zu9BY_cd3hv0xc5WJ0DwDsmbAxocxP2uMANsXz2U95W8_qMh13RnihBD
pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 12 Jun 2023 02:37:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEC2n0OQLlxp30OUfoOpcyxE&google_cver=1&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263jh4kiC...

170 B
188 B

40ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263jh4kiCZcbj84R5qMI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM5ODM2MTU5ODI&google_push=ATf1kGNjFgbUzmhSj7SzFWpdGIsIsCAyywIkE1ZqxjMOthezYTARinmth_ePL0d9Su3NzspAFBWRbzRufIOD263jh4kiCZcbj84R5qMI
Date: Mon, 12 Jun 2023 02:37:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEERbdliTtfX_BQKEZtd6qYg&google_cver=1&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBa...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBapoWE2xJZifna

170 B
188 B

38ms
38ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBapoWE2xJZifna

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGP3mIZJ7HYdP1hvp3FKd7gYYeuib9Lk2ZzOA_ukZPYsLH8CeXVbjtEOeh2-ioFMByr26i6e4sT2gtSBZf63JmBapoWE2xJZifna
date: Mon, 12 Jun 2023 02:37:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 686C
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAixdC723-VNjmvz3YYGA04&google_cver=1&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5v...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5vO7KRjUv-ykzOaI9wAxI2QJ9wdb1r4K9zkYlzcfQy4Ww13EQSQ&google_hm=QlMuYmVhOS1h...

170 B
188 B

43ms
42ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5vO7KRjUv-ykzOaI9wAxI2QJ9wdb1r4K9zkYlzcfQy4Ww13EQSQ&google_hm=QlMuYmVhOS1hMDFjLTQyOWQtYmE3MA==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOZO5DH_36OmP9F5iR1xWl8TAMpGmJkbFMOX30LoAFqAXe40SG5vO7KRjUv-ykzOaI9wAxI2QJ9wdb1r4K9zkYlzcfQy4Ww13EQSQ&google_hm=QlMuYmVhOS1hMDFjLTQyOWQtYmE3MA==
Date: Mon, 12 Jun 2023 02:37:37 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 686C 0
12 B 39ms
38ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkbJi_YzaSuKkedCHa1llNRYTWGefnillMr0PUmtvly43KxakWo0wixFVrvOIj__IoTddmzQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=4131350476&adf=147067135&pi=t.aa~a.3524117837~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686531280&rafmt=1&to=qs&pwprc=6266461316&format=1200x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fbianlian-ransomware-victim-aarti-industries-ltd%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686537455516&bpp=1&bdt=1272&idt=1&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d852248c6a0130c-228a5a0672e1001f%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw&gpic=UID%3D00000c4a3524c282%3AT%3D1686537455%3ART%3D1686537455%3AS%3DALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg&prev_fmts=0x0%2C1200x280%2C1600x1200%2C1005x124&nras=5&correlator=4875313347359&frm=20&pv=1&ga_vid=1412900312.1686537455&ga_sid=1686537455&ga_hid=1928575094&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44793498&oid=2&psts=ABHeCvjiumfYx4KG1zvaFVa-k4_Z9VxpV944eRho3cWaKHU2exXI3D_VmKPhSA20e8hltHMCsos0G46GCJlV3Msm8KdNvfYAXmVTlzyUtW8IWjPMK4Qo2A%2CABHeCvgPKRGsw9042tCh_8YsXYbkRkv3XYhKQEgjOJOl_fB3MXkmwe-M0jVZcO6gd_Z4n8ordLBPJDe_1a3v-lugxVMgWtQh&pvsid=3968091635056483&tmod=1467602854&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=aYwJGYnYUv&p=https%3A//www.redpacketsecurity.com&dtd=1063

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:37:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5C81 33 KB
33 KB 10ms
9ms Font
font/woff2 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:18:19 GMT
x-content-type-options: nosniff
age: 458357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:18:19 GMT

GET
H2 200 6.gif
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 80F7 35 B
490 B 137ms
40ms Image
image/gif 142.250.199.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.114 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 80F7 35 B
490 B 115ms
61ms Image
image/gif 2404:6800:4004:80f::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2012 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 02:37:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: cf_zaraz_google-analytics_v4_uNHI Value: true
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI__engagementStart Value: 1686537454459
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI__counter Value: 1
.redpacketsecurity.com/	1970-01-20 12:28:59	Name: google-analytics_v4_uNHI__ga4sid Value: 1751603450
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI__session_counter Value: 1
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI__ga4 Value: 5306dd76-586e-4b33-9a98-0fbb30627bc8
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI___z_ga_audiences Value: 5306dd76-586e-4b33-9a98-0fbb30627bc8
.redpacketsecurity.com/	1970-01-20 22:04:57	Name: google-analytics_v4_uNHI__let Value: 1686537454459
.www.redpacketsecurity.com/	1970-01-20 13:12:09	Name: CaosGtag_ga_GN0W0LT7ZX Value: GS1.3.1686537454.1.0.1686537454.60.0.0
.www.redpacketsecurity.com/	1970-01-20 13:12:09	Name: CaosGtag_ga Value: GA1.3.1412900312.1686537455
.doubleclick.net/	1970-01-20 22:04:57	Name: IDE Value: AHWqTUkb-kNr4w1AQc_3sLlUxdyII0EdB2hqE0nIk3D7LHpGWjNIFeS8rRhZrzJx
.redpacketsecurity.com/	1970-01-20 12:28:59	Name: __cf_bm Value: 7rPkKLF35.8BLzbtjCUyT_HmsjJh.DSsbQQEHBFQQLc-1686537455-0-AYwgQ6q1TqBpwKxVrF4Y6zMEun4wBngKOA2AghgC618BnnmTqJqq9eTKZbUzwTywcQ==
.redpacketsecurity.com/	1970-01-20 21:50:33	Name: __gads Value: ID=7d852248c6a0130c-228a5a0672e1001f:T=1686537455:RT=1686537455:S=ALNI_MY2xaukeHyWWzZEwJi3n9FZLsoxKw
.redpacketsecurity.com/	1970-01-20 21:50:33	Name: __gpi Value: UID=00000c4a3524c282:T=1686537455:RT=1686537455:S=ALNI_MbxCHjak0TFFoxUgl_HR6-LLbQTDg
.doubleclick.net/	1970-01-20 12:29:01	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 16:48:09	Name: uid Value: 8514563843276964131
.ad-m.asia/	1970-01-20 22:04:57	Name: uid Value: VN8tpjdoko
.yahoo.com/	1970-01-20 21:14:55	Name: A3 Value: d=AQABBO-EhmQCEK3aasB7aVBvSdxSmWTiqC0FEgEBAQHWh2SQZAAAAAAA_eMAAA&S=AQAAAt1tl0Leel_j6Y-aQa6PRRo
.ctnsnet.com/	1970-01-20 21:14:33	Name: gid_CAESEB_8BD7_zJUwrRJZFCZ7uNA Value: 1
.ctnsnet.com/	1970-01-20 21:14:33	Name: cid_0f9353c26e7d463f9d75ba9ef0e9aed8 Value: 1
.adform.net/	1970-01-20 13:12:09	Name: C Value: 1
.c.appier.net/	1970-01-20 21:14:33	Name: _auid Value: 8Ff8NRDLDDKaC0Z08ISGZA
.c.appier.net/	1970-01-20 13:12:09	Name: _gu Value: CAESEA4vCVFC9LhbYaSRYtiE_YI
.adtdp.com/	1970-01-20 22:04:57	Name: uid Value: AYitd0oSaPRljir4KAM
.adtdp.com/	1970-01-20 22:04:57	Name: dynid Value: AYitd0oSaPRljir4KAM
.teads.tv/	1970-01-20 21:13:07	Name: tt_viewer Value: bfd8aeac-bea5-470d-96ba-730ea335bb73
.adform.net/	1970-01-20 13:55:21	Name: uid Value: 1007729632484111309
.mediago.io/	1970-01-20 21:14:33	Name: __mguid_ Value: cdda89a52de1959575c64bc507a28d0d
.uuidksinc.net/	1970-01-20 21:14:33	Name: jcsuuid Value: mNSQ7VcdyNrGGOvEZxp3
.fksnk.com/	1970-01-20 12:30:23	Name: g_001 Value: 1
fksnk.com/	1970-01-20 12:39:02	Name: AWSALBCORS Value: /3UmtlPiA3/ZlStZXmZunqiSPyxA+58jfecJ8+MlADWMvwc6PCo/DfrNmKXBPZ8hjFATyePBpTcoCddC3Rb/++v/qlUmk68x7unaPQrMEx2+tM8cG0mkZKP3Olpg
.fksnk.com/	1970-01-20 14:38:33	Name: f_001 Value: 2C626D67839FEBAF
.yandex.ru/	1970-01-20 22:04:57	Name: yuidss Value: 9327350191686537456
.yandex.ru/	1970-01-20 22:04:57	Name: yandexuid Value: 9327350191686537456
.fout.jp/	1970-01-20 22:04:57	Name: uid Value: YZJrhcTka9IsHvd6otez9TOAvYE
sync.srv.stackadapt.com/	1970-01-20 21:14:33	Name: sa-user-id Value: s%3A0-623fdaab-f6c6-572e-7f2b-b4c3eb11d4a1.83T49EItVdaVqqbthVkuv0%2FIjCeRwSctMPKyK7IZXZs
sync.srv.stackadapt.com/	1970-01-20 21:14:33	Name: sa-user-id-v2 Value: s%3AYj_aq_bGVy5_K7TD6xHUodmK_Kc.m3agy0Y0SSy%2FYghGpvB%2Fwtw6DTbpbouIPKUv2TI9rT0
.srv.stackadapt.com/	1970-01-20 21:14:33	Name: sa-user-id-v2 Value: s%3AYj_aq_bGVy5_K7TD6xHUodmK_Kc.m3agy0Y0SSy%2FYghGpvB%2Fwtw6DTbpbouIPKUv2TI9rT0
.adkernel.com/	1970-01-20 13:12:09	Name: ADKUID Value: A5443252895014232376
.reemo-ad.jp/	1970-01-20 22:04:57	Name: deviceIdentifier Value: agprnOpmLLFIhsuBbFgcnwCjVubxlpsT
.reemo-ad.jp/	1970-01-20 12:50:33	Name: sync_gadx Value: 1
.dotomi.com/	1970-01-20 12:28:57	Name: DotomiTest Value: 563df0925bd920cd
.e-volution.ai/	1970-01-20 12:49:07	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 13:12:09	Name: ADKUID Value: A5443252895014232376
.e.dlx.addthis.com/	1970-01-20 21:59:11	Name: na_tc Value: Y
.simpli.fi/	1970-01-20 21:15:59	Name: suid Value: 7DD6285520D546F5BA39FC4E8F213912
.addthis.com/	1970-01-20 21:59:11	Name: na_id Value: 2023061202373700070859471398
.addthis.com/	1970-01-20 21:59:11	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:59:11	Name: uid Value: 648684f181d233b1
.addthis.com/	1970-01-20 21:59:11	Name: ouid Value: 648684f1000163eeef2831ff7f3f444a583b3443d2da8b4425be
.dlx.addthis.com/	1970-01-20 13:12:09	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 13:12:09	Name: na_sr Value: 20230612
.dlx.addthis.com/	1970-01-20 12:28:57	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 13:12:09	Name: na_sc_e Value: 0
.rlcdn.com/	1970-01-20 21:14:33	Name: rlas3 Value: Lz5Cpv62yKhqh7A1emvBRkPIXxAB70AglNz+bl+Smqk=
.rlcdn.com/	1970-01-20 13:55:21	Name: pxrc Value: CPGJmqQGEgUI6AcQABIGCOndKhAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.turn.com
adservice.google.com
an.yandex.ru
analytics.google.com
c1.adform.net
cm.g.doubleclick.net
dclk-match.dotomi.com
dsp.adkernel.com
dynalyst-sync.adtdp.com
e.dlx.addthis.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
im.bluevoox.com
ipac.ctnsnet.com
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i1-v6exp3.v4.metric.gstatic.com
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-712681-i2-v6exp3.ds.metric.gstatic.com
p4-gh5fle4me7w3e-n2tvkwsu4do2b6zy-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb2-useast.e-volution.ai
s.uuidksinc.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
v9999.adv.admeme.net
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.redpacketsecurity.com
142.250.196.98
142.250.199.114
142.251.42.131
150.95.47.241
172.105.203.31
172.217.26.226
174.137.133.49
18.182.248.191
185.84.60.20
185.98.54.153
2001:df2:a300:bbbb::135
202.232.238.37
220.150.223.50
23.10.15.149
23.45.61.118
2404:6800:4004:801::200e
2404:6800:4004:80a::2001
2404:6800:4004:80a::2004
2404:6800:4004:80b::200a
2404:6800:4004:80f::2012
2404:6800:4004:81c::2002
2404:6800:4004:81f::2003
2404:6800:4004:820::2002
2404:6800:4004:822::2003
2404:6800:4004:824::2002
2404:6800:4008:c13::9c
2404:6800:400a:805::2003
2404:6800:400a:80e::2002
2406:da18:929:5a00:c7e5:65ae:2a43:109e
2606:4700:20::681a:25b
2606:4700::6810:3965
2a02:6b8::90
2a02:fa8:c411:13::1370
34.142.175.23
34.237.252.80
35.186.193.173
35.190.60.146
35.208.249.213
43.207.13.63
44.198.110.80
52.45.175.185
04aec4107954c62d888f138cac63e9fd4508ca8bfcdaf9a9e3ade5eed2333b79
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
09ae1eba333cd32d7950624b7692db45b1d3b7e04330079c2bf844f07552914f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c913c477c0388b87bbefff244fe1849ec7c91cb4fc66e9e87eb50e846817179
1f0f7a83ef1e608bed852e6812a2afebae08c6be3d062b532a659b8de238fb28
24150d9ceec5701963b92df657209014574771b945c777f337c02eea312c920a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2ae43bb38638ecafbacb8b426d1850ea707d5249c9158dc8980a32d720d34090
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f39d54e71a3c475b8a65cdcdd903b249e8b8a4538f6c8f0b1f8b3c34a093302
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ff3f9235b24e79887e1ec7b87fe275014505d566f5cfe7b5fb790426e2ccb6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
3dfc1b89c42f67418ec08717ab3a9e91b45c6771622ffa3b94f9cbac9330da15
4247183ff111bcf12affd18ba0da4a7a1ff0b4e7e491db67b9562b58d6a29c88
46489b4c55fb6dce029c4ebcaa74c9616a0a89dc3be3e0027d0113c698ed9968
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50e43541a30b88b946e9520e3a043036da3fe2df68d2e1d898eace83da7d81c3
54826428adbe541fb39a159db20597f8813db78d227cffdab46bef540a620d02
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61714ff9efa2565e30df83af80ba631380a284a0a5c7f047d26c339e400d50fd
618166e642d86cec199cf15956b7ba79dd256e2a4073fd434c65df2aa50d62ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d0ac9d4671a2a8ee7d413ff0d46b0ef6cca6f03a0b133c70eedb0486c49c27
64cc443e385a65550e1d76d72d2e27cf231115599ad58b9ae3ca24a0df0fba09
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6ef9b7d907461a6f31af3a5e95cbf4d62eba7e99ddb78a3d344edb7ff01ba4d6
7220e2aa2d1ec035108e72eaf049bb2cb8dbbadc6aab2e3f30151d3f22ce529a
798519ce47ff93dbb094e3bb3ee857bea4dfd1dfaa919bd0f3ea2a91479bec9e
7d45256c95c1c245654bf298e27d9c538dc778a2ee050ba4678ac2a07f479869
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
878507828632957a2a0e471f1bfef8ef64ee4726f7fd03d05d77664823079fa5
9406aee544bd9bac6160613181b2ae09f5d3d73b1b4e7a56d62184e260315071
9691e8c38e89f0117aa9aab7dc706fa84ff4c18279a0769cfd90579c897922c1
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b67a14d3266023e71ecdf6bbb6376034a486e07e1da880f536af90fb1c07711
a374b168f61d41e1a7feb4a88f4cb9f2bcd169f21ec8ec9b4e572d4130ffb3f2
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae394bf43bc39f7c6b3f439de04f6b75288d849a0ecae5000a2452546063647c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af12f7592b4d8f6b8483bd9bab081ecf35abe485d5315fb0ecf30559ac2bd9cd
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b2be9c7c3f5b1cfa7055b5f64d499416c9b680b0b6030677c323164358f49a99
b345fde31f15371cf81048929c2bdf135b73f474b56e5fd47590935aeff55786
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8518bf8439b20a3dace51be9b6c980ade81ff57cf467013548733c18b17480
c2df8bc14a52b6bed030af117677683505692552d773a07b0bfc2ac6c3bb181d
c304be164d697444f4c480c7052ca7a25708686194dec476c55fbd500599f29c
c3d4a2557eac67dd95aeff1dbeb60c139028083b443bbd82c2359a0dec6dcfec
c428ec8bab5072095561ce4518acc55b8b784e939e6f2b60e954d09f93b608b4
c64cc07f85a1736728ba8ab9a318a71a02c220869e0d2a13b26e6d4eb1e45e28
c6e098655bf365af10393cec5be569becfba92d4b3374f5f409ceaa5a3b3bad6
c936dbec72e3965006939c0bb6c05dec06a2bf86b307faf7cdd40f2af93561f0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc8d78c3ca6dd5107af31e3be7ca4d654b83535d1d4ca90eab8e48b80be638c
d11c04b9a25d6ddaeab8145ee2a052076a0f1d50d04598a6f1658a4a45f1ef3f
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
d90e72456d477c3d7038c05025917c24c4bdd847ab3d293617beadc72fdd0515
da3e511b908f924d06bcd56a2274b737f070823715600c460dc5d593b276f961
db5076045357e412b65d91f7542e48dff8967cd56d65788573b4c557c712c947
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd01b44a16da58d8cb7a40e2a2605a4a840a65c709fc90cb11a3c90672bbe305
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53a607f99a301fa57d863f848fb1fcfa2cf122c593ca0e193310c8ee12290cc
e71a134923b062c2067c3f60d841a653bfffc9cff895f8854d2fd14361d3d9ac
e9d9a4ac74e536c050e8c6c9a95941e5009411ae61e9c2bcd8371f638b2ec661
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebdb9e520559d8729e2d5497e1e3161033513af76c836fdb095dbb146acdad70
ee16350017774ac586d5887b1981b0cc5f12cc047ee43766478d72cfc1a34a11
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a
f84781d3e65130fbcee9c8813916246764b2e335a6a4827009f817c3ca74c3f0

www.redpacketsecurity.com Open in urlscan Pro 2606:4700:20::681a:25b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

82 %HTTPS

46 %IPv6

33 Domains

44 Subdomains

22 IPs

8 Countries

1864 kBTransfer

5152 kBSize

56 Cookies

6 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.redpacketsecurity.com Open in urlscan Pro
2606:4700:20::681a:25b Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

82 %
HTTPS

46 %
IPv6

33
Domains

44
Subdomains

22
IPs

8
Countries

1864 kB
Transfer

5152 kB
Size

56
Cookies

175 HTTP transactions
5 data transactions