Submitted URL: https://click.email.sans.org/?qs=58d0b09a93e1169eae2fa5a0c7304ba5bedf4638821e8c5ecdc59863a8a643b5314db330eb8c44fa00a3ad4a0524...
Effective URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Submission: On July 08 via api from US

Summary

This website contacted 57 IPs in 11 countries across 49 domains to perform 206 HTTP transactions. The main IP is 2001:4860:4802:38::15, located in United States and belongs to GOOGLE, US. The main domain is apnews.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 20th 2021. Valid for: a year.
This is the only time apnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
apnews.com | Entrust Certification Authority - L1K | 2021-05-20 - 2022-06-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
cdn.adnxs.com | GeoTrust RSA CA 2018 | 2021-03-11 - 2022-02-07 | a year
*.scorecardresearch.com | Amazon | 2021-02-28 - 2022-03-29 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-26 | a year
cdn.krxd.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-02-08 - 2022-02-07 | a year
ak.sail-horizon.com | Amazon | 2021-01-07 - 2022-02-04 | a year
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
*.ntv.io | DigiCert SHA2 Secure Server CA | 2021-01-25 - 2022-02-01 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.connatix.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-29 - 2021-10-19 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2021-06-07 - 2021-08-30 | 3 months
widget.perfectmarket.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-03-22 - 2022-04-23 | a year
*.postrelease.com | Amazon | 2021-01-28 - 2022-02-25 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2021-03-11 - 2022-04-12 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2020-06-18 - 2021-08-17 | a year
*.sharethrough.com | Amazon | 2020-09-09 - 2021-10-11 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-06-27 - 2021-09-24 | 3 months
web.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-03-18 - 2021-09-08 | 6 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-18 - 2022-01-18 | a year
consumer.krxd.net | DigiCert SHA2 Secure Server CA | 2020-09-14 - 2021-09-14 | a year
*.google.be | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-05 - 2022-06-06 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years
tpc.googlesyndication.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
www.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year
*.contextweb.com | DigiCert SHA2 Secure Server CA | 2020-05-07 - 2022-05-12 | 2 years
*.smartadserver.com | DigiCert ECC Secure Server CA | 2020-01-30 - 2022-02-03 | 2 years
*.emxdgt.com | Go Daddy Secure Certificate Authority - G2 | 2021-05-18 - 2022-06-19 | a year
*.id5-sync.com | R3 | 2021-06-01 - 2021-08-30 | 3 months
*.bttrack.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-29 - 2022-03-29 | a year
*.3lift.com | Amazon | 2021-06-12 - 2022-07-11 | a year
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-06-27 - 2021-09-24 | 3 months

This page contains 12 frames:

Primary Page: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Frame ID: AEB1D6F0472687E9F2E301816E550A33
Requests: 143 HTTP requests in this frame

Frame: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E7B1ACB8AD791FE4E1DC4D442035B1F
Requests: 1 HTTP requests in this frame

Frame: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 400688C639B3C8CABEE3A7533BBD551D
Requests: 8 HTTP requests in this frame

Frame: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39C5EBEAB3406587B276C9F7E714A49F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Frame ID: 90B618F848071165A9530DB35E471B77
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html
Frame ID: 84CE3DAD394AE0AB9F810819A2093E7F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3AD9D35A38AD1EBE1917994B20F48C54
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 116C160C319A8BD34A8424A8B6C2EB9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 28914B20D46FBD613DCAAC8E24332E9F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0314BFD76AFBAA606A78887E02FDE747
Requests: 2 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 9EF1050D0494B10F36C72586C0A442CA
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=apnews.com
Frame ID: F811B8AAED203896109205F553DD1D50
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Google Frontend/i

Overall confidence: 100%
Detected patterns
  • script /adnxs\.(?:net|com)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /adnxs\.com\/[^"]*(?:prebid|\/pb\.js)/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 206
HTTPS: 100 %
IPv6: 29 %
Domains: 49
Subdomains: 78
IPs: 57
Countries: 11
Transfer: 2836 kB
Size: 8138 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=58d0b09a93e1169eae2fa5a0c7304ba5bedf4638821e8c5ecdc59863a8a643b5314db330eb8c44fa00a3ad4a052470caec61978231fe7f77 HTTP 302
    https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:


206 HTTP transactions

Primary Request: kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Path: apnews.com/article/
Redirect Chain:
  • https://click.email.sans.org/?qs=58d0b09a93e1169eae2fa5a0c7304ba5bedf4638821e8c5ecdc59863a8a643b5314db330eb8c44fa00a3ad4a052470caec61978231fe7f77
  • https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Size: 114 KB
x-fer: 31 KB
Type: Document

General
Full URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2001:4860:4802:38::15, United States, ASN15169 (GOOGLE, US)
Software: Google Frontend
Resource Hash: 5136f8e69ad8af782a107706b0d405de9fc9d6161e43abb13154e01b0c0a37f4

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

:method
GET
:authority
apnews.com
:scheme
https
:path
/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=120
access-control-allow-origin
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-APCLIENTID
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
strict-transport-security
max-age=63072000; includeSubDomains; preload
etag
W/"1c8e2-iGvVQmAY1QNEkGysJ5Kw8fv7Eo8"
last-modified
Thu, 08 Jul 2021 23:20:51 GMT
content-encoding
gzip
x-cloud-trace-context
571cf4cfa04ee60f7862e8a7723d1a9c
date
Thu, 08 Jul 2021 23:21:24 GMT
server
Google Frontend
content-length
31271

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Date
Thu, 08 Jul 2021 23:21:23 GMT
Connection
close
Content-Length
206
GoodOT-CondMedium.woff2
apnews.com/fonts/
16 KB
16 KB
Font
General
Full URL
https://apnews.com/fonts/GoodOT-CondMedium.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ae9769560970a5e09a659887213c4880b746a3963917917532aa213643244e96

Request headers

:path
/fonts/GoodOT-CondMedium.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://apnews.com
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 18:41:13 GMT
server
Google Frontend
age
16811
etag
"bSpA-w"
content-type
font/woff2
x-cloud-trace-context
04ca689f187c7c8269cbe937e2c5a92a
cache-control
public, max-age=15811200
content-length
16056
expires
Fri, 07 Jan 2022 18:41:13 GMT
FreightText-Medium.woff2
apnews.com/fonts/
26 KB
27 KB
Font
General
Full URL
https://apnews.com/fonts/FreightText-Medium.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
221e8fc7cd602e443e8ce468ca5066d2f59d05b7df65d3a7bb6a7813de0f928a

Request headers

:path
/fonts/FreightText-Medium.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://apnews.com
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:18:11 GMT
server
Google Frontend
age
39793
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
af38ceb25c44d88a7c5ea815ee332aa2
cache-control
public, max-age=15811200
content-length
27080
expires
Fri, 07 Jan 2022 12:18:11 GMT
GoodOT-Book.woff2
apnews.com/fonts/
27 KB
27 KB
Font
General
Full URL
https://apnews.com/fonts/GoodOT-Book.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8e0931e981daaee6451becc26f223146e8b9a69497256351afa321e03d1831a8

Request headers

:path
/fonts/GoodOT-Book.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 03:34:25 GMT
server
Google Frontend
age
71219
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
ca498aa0fdec57271c2223dcdbe6b507
cache-control
public, max-age=15811200
content-length
27408
expires
Fri, 07 Jan 2022 03:34:25 GMT
GoodOT-Bold.woff2
apnews.com/fonts/
27 KB
27 KB
Font
General
Full URL
https://apnews.com/fonts/GoodOT-Bold.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ed384b5afd77338386a1c9daef1a72417f3d9de3491323f6516bdd81c084fb04

Request headers

:path
/fonts/GoodOT-Bold.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 03:54:16 GMT
server
Google Frontend
age
70028
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
a93d3b5cc65a9893eb6d73ef9b3a7169
cache-control
public, max-age=15811200
content-length
27284
expires
Fri, 07 Jan 2022 03:54:16 GMT
GoodOT-Medium.woff2
apnews.com/fonts/
16 KB
16 KB
Font
General
Full URL
https://apnews.com/fonts/GoodOT-Medium.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5b325763ef2fbb278d2c1d5b63dd792561b21c347493fe64e28d5a8c8e6c5088

Request headers

:path
/fonts/GoodOT-Medium.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:26:29 GMT
server
Google Frontend
age
68095
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
b2918cb2a1345bbd6287579f20302a12
cache-control
public, max-age=15811200
content-length
16688
expires
Fri, 07 Jan 2022 04:26:29 GMT
GoodOT-CondBold.woff2
apnews.com/fonts/
26 KB
27 KB
Font
General
Full URL
https://apnews.com/fonts/GoodOT-CondBold.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c28e0d8918950240a3a0b409a3595681dc0f293b947b705b05af9d360b95cdfa

Request headers

:path
/fonts/GoodOT-CondBold.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 03:55:49 GMT
server
Google Frontend
age
69935
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
8ea1a659411bbeb9951108c7ef7fd387
cache-control
public, max-age=15811200
content-length
27060
expires
Fri, 07 Jan 2022 03:55:49 GMT
index.css
apnews.com/dist/
42 KB
10 KB
Stylesheet
General
Full URL
https://apnews.com/dist/index.css?hash=17a818664fd
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c70101e968861bad0dc3bc8b55dc8c08f894071aabbb57527c13c188ff3a6a9b

Request headers

:path
/dist/index.css?hash=17a818664fd
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 23:20:58 GMT
content-encoding
gzip
server
Google Frontend
age
26
etag
"bSpA-w"
content-type
text/css
x-cloud-trace-context
5b3976db2bc58678a47c6ae96f6a65b5
cache-control
public, max-age=600
content-length
9643
expires
Thu, 08 Jul 2021 23:30:58 GMT
spritemap.svg
apnews.com/dist/
31 KB
11 KB
Other
General
Full URL
https://apnews.com/dist/spritemap.svg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
52a99906c963b17f532611544f84fe6862238dea726da107017b279ff7d1a896

Request headers

:path
/dist/spritemap.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 23:18:57 GMT
content-encoding
gzip
server
Google Frontend
age
147
etag
"bSpA-w"
content-type
image/svg+xml
x-cloud-trace-context
7f16abe06d974c88a4482d374ac51326
cache-control
public, max-age=600
content-length
11611
expires
Thu, 08 Jul 2021 23:28:57 GMT
radio-background.png
apnews.com/images/
1 KB
1 KB
Image
General
Full URL
https://apnews.com/images/radio-background.png
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.css?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
25fdcfaba23fd7e54fa56634fc1d854d48f6e4b55f47b8f781f1f5cdbfd83dee

Request headers

:path
/images/radio-background.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
apnews.com
referer
https://apnews.com/dist/index.css?hash=17a818664fd
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:16:57 GMT
server
Google Frontend
age
68667
etag
"ptocgQ"
content-type
image/png
x-cloud-trace-context
c2aa28183d75668b07b24d9fa76d3232
cache-control
public, max-age=15811200
content-length
1291
expires
Fri, 07 Jan 2022 04:16:57 GMT
FreightText-Book.woff2
apnews.com/fonts/
30 KB
30 KB
Font
General
Full URL
https://apnews.com/fonts/FreightText-Book.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.css?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9f7adfbf63c029c783a6fa8155cc2df00e86567281a97e91d5c22c3e59e53827

Request headers

:path
/fonts/FreightText-Book.woff2
pragma
no-cache
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
apnews.com
referer
https://apnews.com/dist/index.css?hash=17a818664fd
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:49:12 GMT
server
Google Frontend
age
66732
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
577c194b19bd8f789d368cb9e679a4f1
cache-control
public, max-age=15811200
content-length
30948
expires
Fri, 07 Jan 2022 04:49:12 GMT
index.js
apnews.com/dist/
888 KB
297 KB
Script
General
Full URL
https://apnews.com/dist/index.js?hash=17a818664fd
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d6ad8cf433a682e255fe211cab7e00ae66f4a06317b05b135d45868fc47d46ad

Request headers

:path
/dist/index.js?hash=17a818664fd
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 23:13:43 GMT
content-encoding
gzip
server
Google Frontend
age
461
etag
"bSpA-w"
content-type
application/javascript
x-cloud-trace-context
b63d5f9964c251d40a31d9c6c3064fe3
cache-control
public, max-age=600
content-length
303915
expires
Thu, 08 Jul 2021 23:23:43 GMT
gtm.js
www.googletagmanager.com/
93 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNXLD4
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
441bb139aace6cb80928e294b6fd85ef1426c4831c5fdec14d2d3cf12ea7b3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36818
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jul 2021 23:21:24 GMT
pb.js
acdn.adnxs.com/prebid/c/7403/
255 KB
77 KB
Script
General
Full URL
https://acdn.adnxs.com/prebid/c/7403/pb.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
2ef5ec07feb9dad9feb40eda2b8bca5d4253a16dcf05e4bd2098bef0c8b2cf14

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 23:21:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 16:56:40 GMT
Server
nginx/1.13.10
ETag
"60be4fc8-3fb19"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
78567
Expires
Fri, 09 Jul 2021 00:21:24 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 22:55:52 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1532
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
e8uFZNEaP42wweE-kPpiG0VziYpO7VFu5TsDYbJ5vbIxqAZqI-bqbg==
newrelic.browser.prod.js
apnews.com/newrelic/
27 KB
11 KB
Script
General
Full URL
https://apnews.com/newrelic/newrelic.browser.prod.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e25bf7009f70dd4c8698009e3e64c3f500428c17dc60be93043a8afdcc8a1507

Request headers

:path
/newrelic/newrelic.browser.prod.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:37:48 GMT
content-encoding
gzip
server
Google Frontend
age
67416
etag
"ptocgQ"
content-type
application/javascript
x-cloud-trace-context
ff7ff4dc9efc51c0bfcb3e66e7ac4b85
cache-control
public, max-age=15811200
content-length
11070
expires
Fri, 07 Jan 2022 04:37:48 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6939
date
Thu, 08 Jul 2021 21:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 08 Jul 2021 23:25:45 GMT
loader.js
cdn.taboola.com/libtrc/associatedpress-apnews/
727 KB
50 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
886e93930716f3ca88e4adeb706b6631994435fc44b1150265d6980d97089f0f

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OaQ0TmOnvoTI4waDl1GOaS2JYZW1rkuQ
content-encoding
gzip
etag
"9a3bc422b0084c7a3734734599452fd2"
age
110
x-cache
HIT
content-length
50938
x-amz-id-2
Vy+TBmV+6yedhM5EEKrgJohdKy8PK7Bx1XLZXUZS0S8RA0OicZvhuNk/7DR9+YDmVgRk6SsfnA4=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:45:07 GMT
server
AmazonS3
x-timer
S1625786485.684323,VS0,VE0
date
Thu, 08 Jul 2021 23:21:24 GMT
vary
Accept-Encoding
x-amz-request-id
6WHT0MRESA9VYP0G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
29
x-cache-hits
2
uxw2rsru9.js
cdn.krxd.net/controltag/
17 KB
5 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/uxw2rsru9.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ad82f0b93c49fd1fe91612de0f72521e67d28f549c7161cb259d9c90f72d212

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 08 Jul 2021 23:21:24 GMT
via
1.1 varnish, 1.1 varnish
age
1041
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
4551
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5121-BWI, cache-fra19122-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1625786485.692100,VS0,VE0
etag
"9b33a2f371df4ba83d2f8ec3ad6a8424257c34de"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 4, 2
spm.v1.min.js
ak.sail-horizon.com/spm/
121 KB
43 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-76.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:14:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
442
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
8k8PBQiwyxT93e9R-oECog09S7Ti1wcU5mzA19HJ4qh6nJ8p7UAkqg==
newsroom.js
c2.taboola.com/nr/associatedpress-apnews/
55 KB
16 KB
Script
General
Full URL
https://c2.taboola.com/nr/associatedpress-apnews/newsroom.js
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3174aff15d49f1f547a5cac87d90fbf8d39f1e29d134a07a95501db4e40dfbe

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"24a8dd40e8cc692d6e9ccef396e4a9d5"
age
65
x-cache
HIT
content-length
16360
x-amz-id-2
pe2995cKRkPfdh/HXrspoP1c2J7Jfin8LzBBpmaOqWLQgZ7jbAomVrPFlRgGcKCLG1MJpFwlFgc=
x-served-by
cache-hhn11583-HHN
last-modified
Fri, 02 Jul 2021 14:57:54 GMT
server
AmazonS3
x-timer
S1625786485.687680,VS0,VE1
date
Thu, 08 Jul 2021 23:21:24 GMT
vary
Accept-Encoding
x-amz-request-id
CDAXXVGE4VWMGC3X
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
jquery-3.6.0.slim.min.js
code.jquery.com/
71 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Origin
https://apnews.com
Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-11ab4"
vary
Accept-Encoding
x-hw
1625786484.dop240.fr8.t,1625786484.cds208.fr8.hn,1625786484.cds054.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24587
load.js
s.ntv.io/serve/
367 KB
107 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
44e7420df69eb936a5f70ac3bde3cd06307690d0eda5414a41803bdc29184a99

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 23:21:24 GMT
Content-Encoding
gzip
x-amz-request-id
H9RT05ZMEY77Y24Z
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
1nn/KvxxoWGeVsMgdkXekuxTMXRwoZERBVUTd2rwD3LuKM5sX+Pwvd7Z0ATPVZP1RNZBMzMlCBg=
Last-Modified
Mon, 28 Jun 2021 21:12:03 GMT
Server
AmazonS3
ETag
"97900f29ae6b57926e114ecfacb123df"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
gpt.js
securepubads.g.doubleclick.net/tag/js/
68 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
08e0732e5f69f67184d5e8ee7653bf7864256a3576f45916dee1ee22e81ce1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"925 / 133 of 1000 / last-modified: 1625782305"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24172
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:24 GMT
connatix.playspace.dc.js
cds.connatix.com/p/123018/
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/123018/connatix.playspace.dc.js
1 MB
230 KB
Script
General
Full URL
https://cds.connatix.com/p/123018/connatix.playspace.dc.js
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b085e7693b6f6fb986fbf421eb0c5cb7defcb4452a7c0bc9adc15308521e1e2b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
br
last-modified
Thu, 08 Jul 2021 07:58:45 GMT
age
54656
etag
"6d977ae6c08ed470f4d27606fdd4272e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
235446

Redirect headers

location
https://cds.connatix.com/p/123018/connatix.playspace.dc.js
date
Thu, 08 Jul 2021 23:21:24 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
default.json
storage.googleapis.com/afs-prod/tags/
2 KB
2 KB
XHR
General
Full URL
https://storage.googleapis.com/afs-prod/tags/default.json
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e36462ad5523a496b43312dbc6d87bac22c47d999c6ee651d878c5de837bab1a

Request headers

Accept
application/json, text/plain, */*
Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
age
0
x-guploader-uploadid
ADPycdsAUHjKQxomY9mYfWSdGRNS893oTD9xlhoEsCq6pAdkkfWaLHuXRLHROLn1cSsBk2cga1Vezps-Ud_KbnnsHLWhFPyxzQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1654
last-modified
Thu, 08 Jul 2021 23:18:01 GMT
server
UploadServer
etag
"3a325ed94fdcc1ba8b114b3d844e4bb3"
x-goog-hash
crc32c=kCtRjA==, md5=OjJe2U/cwbqLEUs9hE5Lsw==
x-goog-generation
1625786281013927
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
x-goog-stored-content-length
1654
accept-ranges
bytes
content-type
application/json
expires
Fri, 08 Jul 2022 23:21:24 GMT
ad_app_settings_web.json
storage.googleapis.com/afs-prod/ad_app_settings/
659 B
1 KB
XHR
General
Full URL
https://storage.googleapis.com/afs-prod/ad_app_settings/ad_app_settings_web.json
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.js?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ad04d08fecaeaf5b047fbd26d37ceef8c43e9f1bc2c61334cdc610e5fe3e8b4c

Request headers

Accept
application/json, text/plain, */*
Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
age
0
x-guploader-uploadid
ADPycdvRgCBFNu7EXsulMr1ThO1OhZH9EJJdlr_Mr6GyzLN1Ho3HtV1jnu_voYimaZP9wjZNC1EbapqnotXwsmDe42577NMTAQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
659
last-modified
Thu, 08 Jul 2021 13:13:01 GMT
server
UploadServer
etag
"d495e4013422265c9fd67d91621e2e98"
x-goog-hash
crc32c=jmPdEw==, md5=1JXkATQiJlyf1n2RYh4umA==
x-goog-generation
1625749981457904
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
x-goog-stored-content-length
659
accept-ranges
bytes
content-type
application/json
expires
Fri, 08 Jul 2022 23:21:24 GMT
800.jpeg
storage.googleapis.com/afs-prod/media/d207e3790bc44be485f5b6d0916d773a/
24 KB
25 KB
Image
General
Full URL
https://storage.googleapis.com/afs-prod/media/d207e3790bc44be485f5b6d0916d773a/800.jpeg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b72ccbde319eb21e476400b3feb71b8386910c6eb042f55b99da0e5115dba487

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
age
0
x-guploader-uploadid
ADPycdseIOfRLS5c5UxSaxFWGpQDh3-FoYMoKeN7rgOSj-Tf345znDyvApR-4TRRu65T1iTTNLTg6SoBQQehBIO0TCDPG4DaWg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24495
last-modified
Mon, 05 Jul 2021 11:22:58 GMT
server
UploadServer
etag
"bba4a2b7c771af030440fd5d99b70363"
x-goog-hash
crc32c=eGsj4g==, md5=u6Sit8dxrwMEQP1dmbcDYw==
x-goog-generation
1625484178083657
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache
x-goog-stored-content-length
24495
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 08 Jul 2022 23:21:24 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005041&ns__t=1625786484699&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484699&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484699&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&c9=
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
mnQHMW9RKaFfk7s3SHqcnu9J13TXobx3YIP989zW55xgDwgvUHu7-Q==

Redirect headers

date
Thu, 08 Jul 2021 23:21:24 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484699&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&c9=
content-length
297
x-amz-cf-id
afoFfnzTJVZ7OKw0ji-xr7dpMCqU-iRMSAN1rgH7NvyD6_fWORcp3w==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005041&ns__t=1625786484700&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484700&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484700&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&c9=
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
RLADHHWMdvBeKd-K6JHuhx6Yio706L-_o4qegQvOWl8lRjB5IdZ2Dw==

Redirect headers

date
Thu, 08 Jul 2021 23:21:24 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=3005041&ns__t=1625786484700&ns_c=UTF-8&cv=3.5&c8=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&c7=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&c9=
content-length
297
x-amz-cf-id
SAS2Uxo9jSJ7ks-vqPdhgcw9NW91vGMJJTD1gwur7PMw9AYJS8PNkg==
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=559167668&t=pageview&_s=1&dl=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&dp=%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&ul=en-us&de=UTF-8&dt=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1223565509&gjid=2130175278&cid=2140911353.1625786485&tid=UA-19104461-33&_gid=120959887.1625786485&_r=1&_slc=1&cd17=1007-1&cd19=16&cd1=4c2272cdd428ddfa1f3644d513566c06&cd11=RelatedStories&cd12=NO&cd13=NO&cd15=apf-topnews%2Capf-politics%2CBoston%2Capf-NorthAmerica%2CInsuranceindustry%2CInsurancebrokerage%2Capf-technology%2Capf-business%2CGovernmentandpolitics&cd4=In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle&cd9=2021-07-05%2004%3A28%3A58&cd10=By%20FRANK%20BAJAK&cd18=NO&z=1282580164
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
otSDKStub.js
apnews.com/oneTrust/scripttemplates/
17 KB
6 KB
Script
General
Full URL
https://apnews.com/oneTrust/scripttemplates/otSDKStub.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Request headers

:path
/oneTrust/scripttemplates/otSDKStub.js
pragma
no-cache
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:39:57 GMT
content-encoding
gzip
server
Google Frontend
age
74487
etag
"ptocgQ"
content-type
application/javascript
x-cloud-trace-context
b6102e71b0dfbc75ad8d66d4106b21c1
cache-control
public, max-age=259200
content-length
6418
expires
Sun, 11 Jul 2021 02:39:57 GMT
collect
stats.g.doubleclick.net/j/
1 B
81 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-19104461-33&cid=2140911353.1625786485&jid=1223565509&gjid=2130175278&_gid=120959887.1625786485&_u=YEBAAEAAAAAAAC~&z=2137700242
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 08 Jul 2021 23:21:24 GMT
content-type
text/plain
access-control-allow-origin
https://apnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
age
12768560
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
626210
content-length
84451
x-served-by
cache-fra19122-FRA
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1625786485.747957,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
load.js
widget.perfectmarket.com/associatedpress-apnews/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/associatedpress-apnews/load.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0df9de67b174603094389dc19eb0e8c3c266f1b14db50c70d26135d70a0b94

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d7Z3Vjk9xizlJdT8BWXJiJ_yXsM2a3HZ
content-encoding
gzip
etag
"6a4b82a8bb90870870e94a91542020e2"
age
124
x-cache
HIT, HIT
content-length
1361
x-amz-id-2
MCtImhxOLK9V0Us6UkCCrAFq+pXBR+vQV/VABnA9hQjuEtQqZMelLcUXUJIfPpp5ySeX5uQToCg=
x-served-by
cache-lax10624-LGB, cache-ams21053-AMS
last-modified
Wed, 26 May 2021 10:59:40 GMT
server
AmazonS3
x-timer
S1625786485.857470,VS0,VE1
date
Thu, 08 Jul 2021 23:21:24 GMT
vary
Accept-Encoding,,
x-amz-request-id
CJNF1ANTCJBSX339
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20210708-5-RELEASE.js
cdn.taboola.com/libtrc/
530 KB
118 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210708-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f68263fe5b5625d43e191628f6f6f46a24e7240d7601fccba4ffbc2afe27754d

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
B3fs7eIzxHMygvGAtZeLtGI3YvaJwf3B
content-encoding
br
etag
"4f40b040605fa3d0ffa25676e3e4fbdb"
age
24561
x-cache
HIT
content-length
120324
x-amz-id-2
lCV7tHMKPRmmx65qaa/wR53VUjT4QxDvGtqvWYZzKqFl+U8FQGDS8mcysHzKxYPRXfIeFpGOY+0=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:27:52 GMT
server
AmazonS3-br
x-timer
S1625786485.804212,VS0,VE0
date
Thu, 08 Jul 2021 23:21:24 GMT
vary
Accept-Encoding
x-amz-request-id
18ER69MGT14WP6K2
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
52
x-cache-hits
175947
a71f6440-204e-44d0-b5f6-af7a3c22073f.json
apnews.com/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/
3 KB
1 KB
XHR
General
Full URL
https://apnews.com/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/a71f6440-204e-44d0-b5f6-af7a3c22073f.json
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fc888e0597964954fb2b66e42c623a73b28637b32ca0fe2dc4794685d2b718ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
2393536@nr=0-1-2393536-885832607-1d6c8b7909804ff4----1625786484798
accept-language
en-US
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiMWQ2YzhiNzkwOTgwNGZmNCIsInRyIjoiN2Y0NTNiYzhiYzc2Y2UwNTUwNmY3MDhmODI3YmFiMTAiLCJ0aSI6MTYyNTc4NjQ4NDc5OH19
sec-fetch-dest
empty
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1
:path
/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/a71f6440-204e-44d0-b5f6-af7a3c22073f.json
pragma
no-cache
traceparent
00-7f453bc8bc76ce05506f708f827bab10-1d6c8b7909804ff4-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
tracestate
2393536@nr=0-1-2393536-885832607-1d6c8b7909804ff4----1625786484798
traceparent
00-7f453bc8bc76ce05506f708f827bab10-1d6c8b7909804ff4-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiMWQ2YzhiNzkwOTgwNGZmNCIsInRyIjoiN2Y0NTNiYzhiYzc2Y2UwNTUwNmY3MDhmODI3YmFiMTAiLCJ0aSI6MTYyNTc4NjQ4NDc5OH19

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 23:18:37 GMT
server
Google Frontend
age
74
etag
W/"a38-nv8VBGt6+tV9uksLXNTmcQAqiJA"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
x-cloud-trace-context
60a98853f7b27363d93724c6c8adaec0;o=1
cache-control
public, max-age=120
date
Thu, 08 Jul 2021 23:20:10 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-APCLIENTID
content-length
1166
pubads_impl_2021070701.js
securepubads.g.doubleclick.net/gpt/
329 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js?31061757
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Jul 2021 08:38:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117051
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
129 B
122 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=apnews.com
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2a5c96e7fbbef892658dda404afd9664fb70a57bff4405d5e87848bb25832c7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:24 GMT
otBannerSdk.js
apnews.com/oneTrust/scripttemplates/6.17.0/
377 KB
103 KB
Script
General
Full URL
https://apnews.com/oneTrust/scripttemplates/6.17.0/otBannerSdk.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Request headers

:path
/oneTrust/scripttemplates/6.17.0/otBannerSdk.js
pragma
no-cache
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1; sailthru_pageviews=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 04:21:23 GMT
content-encoding
gzip
server
Google Frontend
age
68401
etag
"ptocgQ"
content-type
application/javascript
x-cloud-trace-context
a8ea4654a46fbe8e5a462a6c2928431d
cache-control
public, max-age=259200
content-length
105226
expires
Sun, 11 Jul 2021 04:21:23 GMT
t
jadserve.postrelease.com/
2 KB
1 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&ntv_mvi&ntv_kv=category*apf-topnews,apf-politics,Boston,apf-NorthAmerica,Insuranceindustry,Insurancebrokerage,apf-technology,apf-business,Governmentandpolitics
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-224-87.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
6328fec469f37d900b4daff374c86df2e467a1016ab705a1d681c950990b551a

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
820
expires
Mon, 1 Jan 1990 12:00:00 GMT
pmk-202010011.6.js
widget.perfectmarket.com/associatedpress-apnews/
100 KB
28 KB
Script
General
Full URL
https://widget.perfectmarket.com/associatedpress-apnews/pmk-202010011.6.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
818ad24001f1eb0eca00da02206812791242abe3c274c0df9990ce77feff0ed1

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
agHC9gRQ1BzVEZeNjcNR7ARqK5kjSKJX
content-encoding
gzip
etag
"3757439059f84e52df622189e1b7b8e9"
age
2637809
x-cache
HIT, HIT
content-length
27921
x-amz-id-2
gT8AVpf/YDEPu7Ucq92mQ+zGcd9Q8wVwxDUUOXuAMdM2mzIS6G7pEQizJthDfc/Kxz9y6YW8lLc=
x-served-by
cache-sna10730-LGB, cache-ams21053-AMS
last-modified
Wed, 26 May 2021 10:59:39 GMT
server
AmazonS3
x-timer
S1625786485.950271,VS0,VE0
date
Thu, 08 Jul 2021 23:21:24 GMT
vary
Accept-Encoding,,
x-amz-request-id
J17Z7JYSWGGSAWZ9
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
4244, 21
en.json
apnews.com/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/238813d5-4ee9-492a-af51-1782071d39d5/
34 KB
10 KB
Fetch
General
Full URL
https://apnews.com/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/238813d5-4ee9-492a-af51-1782071d39d5/en.json
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ea2b4278cdc177d7eb89f24fc39758709acb0b56c52d251eb79bccd7a4b90db4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
2393536@nr=0-1-2393536-885832607-08a42e58a1c1eab5----1625786484947
accept-language
en-US
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiMDhhNDJlNThhMWMxZWFiNSIsInRyIjoiMzNlM2I1ZTdjZDFmNmE2NTA3MzM4ODg1OThiNDNkNzAiLCJ0aSI6MTYyNTc4NjQ4NDk0N319
sec-fetch-dest
empty
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1; sailthru_pageviews=1; kxvisits=1
:path
/oneTrust/consent/a71f6440-204e-44d0-b5f6-af7a3c22073f/238813d5-4ee9-492a-af51-1782071d39d5/en.json
pragma
no-cache
traceparent
00-33e3b5e7cd1f6a650733888598b43d70-08a42e58a1c1eab5-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
tracestate
2393536@nr=0-1-2393536-885832607-08a42e58a1c1eab5----1625786484947
traceparent
00-33e3b5e7cd1f6a650733888598b43d70-08a42e58a1c1eab5-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiMDhhNDJlNThhMWMxZWFiNSIsInRyIjoiMzNlM2I1ZTdjZDFmNmE2NTA3MzM4ODg1OThiNDNkNzAiLCJ0aSI6MTYyNTc4NjQ4NDk0N319

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 23:21:25 GMT
server
Google Frontend
etag
W/"89e9-FXGoj3Q9YRMLGwwYayCQ8kfH+Ek"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
x-cloud-trace-context
33e3b5e7cd1f6a650733888598b43d70;o=1
cache-control
public, max-age=120
date
Thu, 08 Jul 2021 23:21:25 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-APCLIENTID
content-length
10570
bid
ap.lijit.com/rtb/
93 B
752 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.17.0
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
bdc224ebe1d589629af4b0896c21c0e56bc2a9f3c9669ffa4708ec1500f63582

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/
53 B
728 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:25 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
28c23a40-d9c1-4107-8dfc-475b8efc8a75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://apnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
associatedpress-d.openx.net/w/1.0/
173 B
557 B
XHR
General
Full URL
https://associatedpress-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9ef3a241-6163-44a9-b097-430a507ddc13%2C1099d21f-9d72-4136-a1bf-84f72d566259%2Cdf5f2e40-f5ac-4991-b366-ae38d299d7ce&nocache=1625786484983&aus=300x600%2C300x250%7C300x250%7C728x90%2C728x250%2C970x90%2C970x250&divIds=div-gpt-ad_site_article_rectangle1%2Cdiv-gpt-ad_site_article_rectangle2%2Cdiv-gpt-ad_site_article_leaderboard&auid=541053729%2C541053730%2C541053731
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
da67da5bbeee3570ef5d9fbc28527775350d29675ff49f2a476d3d75062ba89f

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://apnews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d7sSeHAMbrHK5YC6kRXA82Dm&bidId=19d5f8dcce75d32&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.17.0&strVersion=3.2.1&secure=true
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.115.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-115-155.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://apnews.com
date
Thu, 08 Jul 2021 23:21:25 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
109 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=UREa6PyYM5rS9cXaBGJkG2bG&bidId=20a7e0c2da58ed&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.17.0&strVersion=3.2.1&secure=true
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.115.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-115-155.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://apnews.com
date
Thu, 08 Jul 2021 23:21:25 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
109 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mdSNYDhN36t3KciwgvTMFMXh&bidId=21777a6c0ac4967&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.17.0&strVersion=3.2.1&secure=true
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.115.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-115-155.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://apnews.com
date
Thu, 08 Jul 2021 23:21:25 GMT
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/
18 B
279 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=73340207026
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jul 2021 23:21:24 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://apnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bidRequest
c2shb.ssp.yahoo.com/
62 B
470 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c70a018c7830793&pos=site_article_rectangle1&cmd=bid&secure=1
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
5ad2b4bcec8294c787a2685339b58247b67fded6ea3b555869ca59abefd10cbf

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
470 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c70a018c7830793&pos=site_article_rectangle2&cmd=bid&secure=1
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f9baa472b88cf1b14d66ecb3d392bd4ac185e64606118d89b88ffc13f7248794

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
470 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c70a018c7830793&pos=site_article_leaderboard&cmd=bid&secure=1
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f48b3f47dd23791e1a0094ca1f32e2b7c4f77bb76474568d491c7395677b1f7c

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/
378 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d5735d675f5a46206c36981345581e15a1acfa2afe6078c70d0add1d2d1a02c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:25 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e2d31c40-ceca-49c0-a792-25e186f90194
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://apnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/
7 KB
5 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=500344&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234729d87ca1a2d5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235e785899356168%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500344%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22361e9d53170a2ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500344%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22376619533e03ea6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500345%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2239a361e900ec07b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500346%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224108a8f72738241%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500346%22%2C%22sid%22%3A%22728x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22422ce2a8383e0db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500346%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243746280a0519b2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22500346%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
104ad5631006a4fc099be12c521b4c7509fc92dd32aafd49d7e524897d50ba8b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[77.243.191.196], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://apnews.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4281
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 23:21:25 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
303 B
777 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8607&site_id=113838&zone_id=1682836&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&tk_flint=pbjs_lite_v4.17.0&x_source.tid=9ef3a241-6163-44a9-b097-430a507ddc13&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3185673826432647
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
be727f15246701502f7954f1016a353fbf623dc2a7c257b82297d788e183689f

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://apnews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
303
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
283 B
757 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8607&site_id=113838&zone_id=1682834&size_id=15&rf=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&tk_flint=pbjs_lite_v4.17.0&x_source.tid=1099d21f-9d72-4136-a1bf-84f72d566259&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.40815681321168307
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c30f04d7cf6225e95f7247843557bb69f381f19788edf3cf5282953d3983ea04

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://apnews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
305 B
779 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8607&site_id=113838&zone_id=1682832&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&tk_flint=pbjs_lite_v4.17.0&x_source.tid=df5f2e40-f5ac-4991-b366-ae38d299d7ce&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6425356406479996
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0c003108dfa02b1a2ec9b255ed79d9f4bad0b07690342391b19f86536aa103bf

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:25 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://apnews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
305
Expires
Wed, 17 Sep 1975 21:32:10 GMT
connatix.playspace.css
cds.connatix.com/p/123018/
95 KB
13 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/123018/connatix.playspace.css
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
br
last-modified
Thu, 08 Jul 2021 07:58:44 GMT
age
54657
etag
"2d5d1c3d89cc4965db765c1c8754e68e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
13297
70e9da44-ecaa-4d3c-a085-5add07b24e7b
consumer.krxd.net/consent/get/
236 B
428 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/70e9da44-ecaa-4d3c-a085-5add07b24e7b?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b90b1c2f58d258f50c314a0a40ad756db30e9e8383d9fe36bcda0171767b7074

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a006-dub-prod.krxd.net, cache-fra19144-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1625786485.099922,VS0,VE25
content-length
189
x-cache-hits
0, 0
story
capi.connatix.com/core/
4 KB
2 KB
XHR
General
Full URL
https://capi.connatix.com/core/story?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
56d35f43a026b9e0af64928365c5c79e47e7fce24c70e6ec4458ef95a0e11cfc

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
otFlat.json
apnews.com/oneTrust/scripttemplates/6.17.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://apnews.com/oneTrust/scripttemplates/6.17.0/assets/otFlat.json
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
2393536@nr=0-1-2393536-885832607-7d7dd9bacaa9bb96----1625786485126
accept-language
en-US
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiN2Q3ZGQ5YmFjYWE5YmI5NiIsInRyIjoiYjUzNTUzNWRkZmE0ZjFiNzU2MGJkYjFkN2ExODFkNjAiLCJ0aSI6MTYyNTc4NjQ4NTEyNn19
sec-fetch-dest
empty
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1; sailthru_pageviews=1; kxvisits=1; _tb_sess_r=; OptanonConsent=isIABGlobal=false&datestamp=Fri+Jul+09+2021+01%3A21%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=eb520424-8742-495c-98fd-27cbad4195ce&interactionCount=0&landingPath=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:path
/oneTrust/scripttemplates/6.17.0/assets/otFlat.json
pragma
no-cache
traceparent
00-b535535ddfa4f1b7560bdb1d7a181d60-7d7dd9bacaa9bb96-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:13:39 GMT
content-encoding
gzip
server
Google Frontend
age
68866
etag
"ptocgQ"
content-type
application/json
x-cloud-trace-context
a58f933f732bb820499e843fc4fff955;o=1
cache-control
public, max-age=259200
content-length
3365
expires
Sun, 11 Jul 2021 04:13:39 GMT
otPcCenter.json
apnews.com/oneTrust/scripttemplates/6.17.0/assets/v2/
47 KB
14 KB
Fetch
General
Full URL
https://apnews.com/oneTrust/scripttemplates/6.17.0/assets/v2/otPcCenter.json
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
2393536@nr=0-1-2393536-885832607-6e1e014a5796b6fc----1625786485127
accept-language
en-US
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzOTM1MzYiLCJhcCI6Ijg4NTgzMjYwNyIsImlkIjoiNmUxZTAxNGE1Nzk2YjZmYyIsInRyIjoiNzM1MDQyYzk3ZjNmMDQzZmQzZTE4NTYwNjdmNWIyMjAiLCJ0aSI6MTYyNTc4NjQ4NTEyN319
sec-fetch-dest
empty
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1; sailthru_pageviews=1; kxvisits=1; _tb_sess_r=; OptanonConsent=isIABGlobal=false&datestamp=Fri+Jul+09+2021+01%3A21%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=eb520424-8742-495c-98fd-27cbad4195ce&interactionCount=0&landingPath=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:path
/oneTrust/scripttemplates/6.17.0/assets/v2/otPcCenter.json
pragma
no-cache
traceparent
00-735042c97f3f043fd3e1856067f5b220-6e1e014a5796b6fc-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apnews.com
referer
https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 04:00:44 GMT
content-encoding
gzip
server
Google Frontend
age
69641
etag
"ptocgQ"
content-type
application/json
x-cloud-trace-context
65d6df04702cb4c440c5d41f995062bc
cache-control
public, max-age=259200
content-length
14005
expires
Sun, 11 Jul 2021 04:00:44 GMT
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.be/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.be/adsid/integrator.js?domain=apnews.com
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=apnews.com
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
168 KB
30 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1213583501073380&correlator=3392146017901804&output=ldjh&impl=fifs&eid=31061649%2C31061757%2C21064371&vrg=2021070701&ptt=17&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=15786418%2CAPNews%2Csite%2Carticle%2Cleaderboard%2Crectangle1%2Crectangle2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C728x250%7C1x1%2C300x250%7C300x600%2C300x250&fluid=height%2C0%2C0&prev_scp=%7Chb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.01%26hb_adid_ix%3D49b8e4ad39ec1fc%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D49b8e4ad39ec1fc%26hb_bidder%3Dix%7Chb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D51ffa1ce56a8a2f%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D51ffa1ce56a8a2f%26hb_bidder%3Dix&eri=1&cust_params=ENVIRONMENT%3DPRODUCTION%26WEB_VERSION%3D1007-1%26Category%3DAP%2520Top%2520News%252CPolitics%252CBoston%252CNorth%2520America%252CInsurance%2520industry%252CInsurance%2520brokerage%252CTechnology%252CBusiness%252CGovernment%2520and%2520politics&cookie_enabled=1&bc=31&abxe=1&lmt=1625786451&dt=1625786485227&dlt=1625786484326&idt=629&frm=20&biw=1600&bih=1200&oid=3&adxs=650%2C1180%2C1180&adys=123%2C621%2C319&adks=3357002690%2C3265224916%2C740412024&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1%7C300x250%7C300x250&msz=300x-1%7C300x250%7C300x250&ga_vid=2140911353.1625786485&ga_sid=1625786485&ga_hid=559167668&ga_fc=false&fws=4%2C512%2C0&ohw=1360%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d4680b6a097a0d8c52c7f526c25e34aa48ea0899ea15ef9db38c8be726c22455
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK2Zvs_O1PECFamFgwcd4rAJPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16438678501148691484/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPuZvs_O1PECFamFgwcd4rAJPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/4723254789747150609/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK2Zvs_O1PECFamFgwcd4rAJPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16438678501148691484/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPuZvs_O1PECFamFgwcd4rAJPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/4723254789747150609/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-2,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30323
x-xss-protection
0
google-lineitem-id
-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Thu, 08 Jul 2021 23:21:25 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://apnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E7B
6 KB
3 KB
Document
General
Full URL
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 23:21:25 GMT
expires
Fri, 08 Jul 2022 23:21:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f28b1a2e-f188-449b-83a1-de3fb7ec2aad&ntv_fl=CF4se3gYGjAPzQcMJoAeWcB0PYxwNKOla1uaCuxmF-n8N2XbZsxMFTMpdjVMHz8TEmq3hyc_uiZu5Gn-DVkVv63ivUvgUAkau4n739tN-0gaWyr-aPQK03HvbixvJYfIfAVd-ICKbsjkd8f18wSQFQNtf1SxThnKJFjf8BYmgfHKAaSUcXkGbLH2jKWt9lYViKMVqf6Tj7qfW5RhvOVpPLWxPnhTGU3dkLw47HSGtMBPQtbCgFdet1SifJIGvj34&ntv_ht=dYjnYAA&ntv_at=303,302&ntv_a=AAAAAAAAAAub8QA&ord=1625786485420&ntv_dpl=1009,1011,1028,1050,1019,101951&ntv_it
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-224-87.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:25 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097657&ntv_gdpr_consent=&ntv_it
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-224-87.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:25 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
nr-spa-1198.min.js
js-agent.newrelic.com/
38 KB
15 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"498f8d87fcfe5e90fda6a3ae4c47c6b0"
x-amz-request-id
1NA17EV3QPER013R
x-cache
HIT
content-length
14594
x-amz-id-2
3gEajxhz7aMSB5RG5jPyekDJ4zip2LAG71RuhVV1mnHA+OmyRv9ViFUWbY1+Bf/c32hrAIlgrq4=
x-served-by
cache-fra19120-FRA
last-modified
Fri, 29 Jan 2021 19:19:10 GMT
server
AmazonS3
x-timer
S1625786486.607608,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
73
optout_check
beacon.krxd.net/
62 B
222 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns._default.kxjsonp_optOutCheck
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.226.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-226-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9809085b9cca779ef02ad8dee06b80d1708ef1f09b5f00939b03e97e1669f53b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=38 t=1625786485
x-served-by
beacon-n003-dub-prod.krxd.net
content-type
text/javascript
json
trc.taboola.com/associatedpress-apnews/trc/3/
24 KB
8 KB
XHR
General
Full URL
https://trc.taboola.com/associatedpress-apnews/trc/3/json?tim=01%3A21%3A25.559&lti=deflated&data=%7B%22id%22%3A249%2C%22ii%22%3A%22%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1625733900268%2C%22vi%22%3A1625786485557%2C%22cv%22%3A%2220210708-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5104%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22organic-thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A605%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Feed%20-%20Below%20Article%20Thumbnails%20-%20No%20Video%22%2C%22orig_uip%22%3A%22Feed%20-%20Below%20Article%20Thumbnails%20-%20No%20Video%22%2C%22cd%22%3A4517.578125%2C%22mw%22%3A840%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e0c4237a9bba59c773d6c71187716f568ded2254b6563e29664d0a7e117d21b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
289
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
server
nginx
x-timer
S1625786486.571462,VS0,VE289
x-served-by
cache-hhn11578-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://apnews.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
sr
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/sr?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/
68 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
96cd0a2711eedbe3b0afcbebb15d4474a595a110ff82a0f4c257faf9a03945c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"925 / 644 of 1000 / last-modified: 1625782235"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24183
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:25 GMT
42faced0-089a-40bd-a990-d7612f70602b.bin
vid.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
2 KB
1 KB
XHR
General
Full URL
https://vid.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/42faced0-089a-40bd-a990-d7612f70602b.bin
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83a1d1c2b008705c6f1d8f49b9f7c55dbec6c680231c9b201f2fe4c36c22706b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 23:15:44 GMT
age
277
etag
"e6a99b6a10757ce1b4bf5820922e0c6f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
899
2.png
img.connatix.com/856755f1-5783-46f3-b422-a1d24a5c2797/
2 KB
3 KB
Image
General
Full URL
https://img.connatix.com/856755f1-5783-46f3-b422-a1d24a5c2797/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4acfab39f8f96827b8ee64fcfd71aef48bbca5fdd3863015070a575b4e22b618

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
677699
etag
"jbW7mveMjb8YVbaUS42nMihz6eTPS2/pi+CPgm7vk1M"
access-control-max-age
86400
fastly-io-info
ifsz=3341 idim=311x360 ifmt=png ofsz=2397 odim=311x360 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
2397
fd1b3668b4
bam-cell.nr-data.net/1/
49 B
870 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/fd1b3668b4?a=885832607&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=2068&ck=1&ref=https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&be=1106&fe=1959&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1625786483586,%22n%22:0,%22f%22:544,%22dn%22:544,%22dne%22:545,%22c%22:545,%22s%22:550,%22ce%22:567,%22rq%22:567,%22rp%22:737,%22rpe%22:809,%22dl%22:740,%22di%22:836,%22ds%22:836,%22de%22:836,%22dc%22:1958,%22l%22:1959,%22le%22:1968%7D,%22navigation%22:%7B%7D%7D&fp=829&fcp=829&jsonp=NREUM.setToken
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVQDwsBXVJaFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDBlIMVHRMB05WAhtDUgIMCghTAFFSBwRSBgMGVkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
66bd0c7fab7f00a7-AMS
FreightText-SemiBold.woff2
apnews.com/fonts/
27 KB
27 KB
Font
General
Full URL
https://apnews.com/fonts/FreightText-SemiBold.woff2
Requested by
Host: apnews.com
URL: https://apnews.com/dist/index.css?hash=17a818664fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ea7b976f9278433ca1331c44ad5debbce191a6a352985ed82d5f4a9716ce9601

Request headers

sec-fetch-mode
cors
origin
https://apnews.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2140911353.1625786485; _gid=GA1.2.120959887.1625786485; _gat=1; sailthru_pageviews=1; kxvisits=1; _tb_sess_r=; OptanonConsent=isIABGlobal=false&datestamp=Fri+Jul+09+2021+01%3A21%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=eb520424-8742-495c-98fd-27cbad4195ce&interactionCount=0&landingPath=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
:path
/fonts/FreightText-SemiBold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apnews.com
referer
https://apnews.com/dist/index.css?hash=17a818664fd
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 08 Jul 2021 02:36:09 GMT
server
Google Frontend
age
74716
etag
"ptocgQ"
content-type
font/woff2
x-cloud-trace-context
e4fcb2b996f3a1265326d37d46cd88fc
cache-control
public, max-age=15811200
content-length
27656
expires
Fri, 07 Jan 2022 02:36:09 GMT
ao
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/ao?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/ps?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
mq
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/mq?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
1d213507-7d7b-44c9-a90c-1ad5b9257ea9.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
42 KB
43 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/1d213507-7d7b-44c9-a90c-1ad5b9257ea9.jpg?crop=646:436,smart&width=646&height=436&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e88ca8edf146fa926d1295145a4e10ad7dc19651e8805031f1d299c9487b29c

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
238
etag
"Xwd8jXCqzTj/a8yjgczRMqaWA5vdisPQcgaSZAUWJ04"
access-control-max-age
86400
fastly-io-info
ifsz=973579 idim=3000x2289 ifmt=jpeg ofsz=43424 odim=646x436 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
43424
1d213507-7d7b-44c9-a90c-1ad5b9257ea9.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
11 KB
11 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/1d213507-7d7b-44c9-a90c-1ad5b9257ea9.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc3985af5539764db39be50303f371c3790b19eb734daaaa9f87ac183635af3c

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
237
etag
"z9A1JwzZGc3BKVyRiXfUTxLV4u865oIWIKUdjs67VOo"
access-control-max-age
86400
fastly-io-info
ifsz=973579 idim=3000x2289 ifmt=jpeg ofsz=11399 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
11399
df8d8c77-7fd4-453b-a054-c7d2f72c2d1f.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
4 KB
5 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/df8d8c77-7fd4-453b-a054-c7d2f72c2d1f.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01adc4af47ce665e9911b206fb0e4b4eba6df9aff321705be3072d4894d17069

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
237
etag
"TvNajCECdnYGLOS6Ue8bXpKI7GabP1m/IiXi8MIDPt0"
access-control-max-age
86400
fastly-io-info
ifsz=581871 idim=3000x2000 ifmt=jpeg ofsz=4581 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
4581
82904243-888f-457a-aee2-aaef1847568f.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
7 KB
7 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/82904243-888f-457a-aee2-aaef1847568f.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d847461f642ac8d81a5dea8096b98828de602496328e1de2cc39fbd6c389f5a7

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
237
etag
"MCDcZVaE7N8Rn7y2f7pdgo6gBG9Ad10IOZOL1DekAF4"
access-control-max-age
86400
fastly-io-info
ifsz=325014 idim=3000x2000 ifmt=jpeg ofsz=6876 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6876
fbeacbff-5260-4487-8061-d3e4f3be8e6f.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
9 KB
9 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/fbeacbff-5260-4487-8061-d3e4f3be8e6f.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b0fac36347fd3171aa7936fbcd87f3a4a2be883f5c04e5dab6a95daf0d562d0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
237
etag
"prmt0RNXuObkLSTK1yPbpszdDKa1A8J44WPB0LoCOC0"
access-control-max-age
86400
fastly-io-info
ifsz=640515 idim=3000x2000 ifmt=jpeg ofsz=8904 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
8904
3e54d5dc-4260-4a83-99ba-d2930a7b700b.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
8 KB
8 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/3e54d5dc-4260-4a83-99ba-d2930a7b700b.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff25deca8fa88a1f906e470b60b5aa776d3570160f57da286e8e301fc1df3c2e

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
age
237
etag
"otU2oRKPEpDptSUehHIciJFHvU5sXy8Vw/tx/n1Uh5s"
access-control-max-age
86400
fastly-io-info
ifsz=422923 idim=3000x2000 ifmt=jpeg ofsz=7716 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7716
container.html
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4006
6 KB
3 KB
Document
General
Full URL
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 23:21:25 GMT
expires
Fri, 08 Jul 2022 23:21:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 39C5
6 KB
3 KB
Document
General
Full URL
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://apnews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 23:21:25 GMT
expires
Fri, 08 Jul 2022 23:21:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657948508962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070701&st=env
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07b49891502009c6a8c28553ccf9a328edb4495577501e584ad0b14fb0514857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8567
x-xss-protection
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
4718
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
LQUbK9bcw/BeW9aBkfMSGtyTj66WkCsfgscuz1T/3UaMqsD7z4lohIXaR2JIvlNQhOyWdsA0ytg=
x-served-by
cache-hhn11578-HHN
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1625786486.906744,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
KQEA4002N2YHXJM2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
52
x-cache-hits
15764
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
26476
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
mx4KoEdupSjNAt+jydlxWIo+jwcLoLfqsfsfzf9xlc2eaDNcUDaHkWHo8F8AVeN4ILOhs1UHeT4=
x-served-by
cache-hhn11578-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1625786486.906683,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
GZH52BA9ZE5HK19K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
52
x-cache-hits
339338
tfa-eid.20210708-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210708-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2ed7599652e573f546d626dd24f93687380b9855413651f422add0fd0210ff

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mXHWwpndWxQ6HQt7Ox1ItCLifDL4zL.T
content-encoding
gzip
etag
"f229dc1f64e47ee64185a9b2855f4f12"
age
70
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
XM3z/n0B83NcdkhrjGiiUOEIWLau8x4yDsUECX5leDyi0vg3IpILtaduQpHpuMu5Yyx7aOHM9bg=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:35:45 GMT
server
AmazonS3
x-timer
S1625786486.908994,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
HC8AM8KDR3B6VNSB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
147
sha256.20210708-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210708-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0516ee8e84cacf9d44db9359a4662904e610f1425df69916546340d68e0aeeee

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
h72TUd0YV4Rkgih.iZEm_D8re8S_gjqG
content-encoding
gzip
etag
"f0deb7d8f35a9ec51fc2303f1dbc1d54"
age
56
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2590
x-amz-id-2
5onng+GWqHR9FsE09ekWPUB0/BiVpxjMCJwcM9OmbauuqY6fBpnIiRm087LSCsRUNExiEGdy68k=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:35:57 GMT
server
AmazonS3
x-timer
S1625786486.909192,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
RD207FFVMCN7NP7D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
98
feed-card-placeholder.20210708-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210708-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96790c4b776eff8c474f94b4c2fa51c74a86056628fb8cede205d2a1cf768397

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xK6EqIut9xxG0ckgLF5CS7FjAV3L.HTp
content-encoding
gzip
etag
"b5d405c8bd229af44a02cc091210f842"
age
38
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
3dmB4CSPtzYaL6kif42ZaR4RxiYRMzGy5XlBOpASZ66/dnlL4Xez+sPY0Bhr+/GyW2cXkq8CQFY=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:36:17 GMT
server
AmazonS3
x-timer
S1625786486.919579,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
089JZ5RGFD58ZYR3
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
65
userx.20210708-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210708-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/associatedpress-apnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f11f4d54ff5202c676622f2b2bbec9f3c16b1370e676ceabea7c0266803b7c8

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XblXSFh1EHZiTE_gXfMCVTbQmTmc8PEE
content-encoding
gzip
etag
"7cba96776e6b1b854101165aeceee1a7"
age
70
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7954
x-amz-id-2
r6Huq2g/LXbWlj1p38SpdiVvwci6hTsGTY+we5zJ4pbUbaoS0aNB/ICZkSgmVa1jkqrvwJ6OZr4=
x-served-by
cache-hhn11578-HHN
last-modified
Thu, 08 Jul 2021 08:35:41 GMT
server
AmazonS3
x-timer
S1625786486.930269,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
x-amz-request-id
AWEEPMT5EVKFMNPF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
26
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
27
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
zpqM1x6+Tj6AaVofODjoA7xYqVZjtO4jS9CaDnOJXVJK9rL0RqaT9tOOjFwDu+ulfgnyHlkMZh8=
x-served-by
cache-hhn11578-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1625786486.939512,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
Y5KRPEVNPJCXYEV6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
52
x-cache-hits
27
879714ef-95c4-4d70-a731-c26c37dce99b.png
cdn.taboola.com/static/87/
8 KB
8 KB
Image
General
Full URL
https://cdn.taboola.com/static/87/879714ef-95c4-4d70-a731-c26c37dce99b.png
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
980ff66bc47dac7b43521cb5103ca6f3a59acdf369655273309d7a94368816ed

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hKpRQObiryIprgZdMjz4qeaDVIV5rzzP
via
1.1 varnish
etag
"5effa0282b2882a0c7ff2f76644e1539"
age
4214
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8184
x-amz-id-2
gZcZluKOvIzO+XqH/WIV/oLYtVdG37/dBUdfqslIcJ2inNsHH85ch441TCEkY5yTlpwS/TfUjC8=
x-served-by
cache-hhn11578-HHN
last-modified
Mon, 25 Jun 2018 08:54:36 GMT
server
AmazonS3
x-timer
S1625786486.964221,VS0,VE0
date
Thu, 08 Jul 2021 23:21:25 GMT
x-amz-request-id
D3SHA2M01TWNNKGB
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
52
x-cache-hits
6
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:25 GMT
social
il-trc-events.taboola.com/associatedpress-apnews/log/3/
0
231 B
Image
General
Full URL
https://il-trc-events.taboola.com/associatedpress-apnews/log/3/social?route=AM:IL:V&tvi2=5434&lti=deflated&ri=1073e730fc596519524cfe25216538c0&sd=v2_f9d77c4ea229a72167e2ae413f9ea099_9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5_1625786485_1625786485_CNawjgYQieo_GLWWtMOoLyABKAEwFjjqxgdA34YQSMOG2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&pi=/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&wi=-2834028133200981491&pt=text&vi=1625786485557&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle%22%2C%22sec%22%3A%22AP%20Top%20News%22%2C%22aut%22%3A%5B%22FRANK%20BAJAK%22%5D%2C%22img%22%3A%22https%3A%2F%2Fstorage.googleapis.com%2Fafs-prod%2Fmedia%2Fd207e3790bc44be485f5b6d0916d773a%2F2000.jpeg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A21%3A25.959&id=9380&llvl=1&cv=20210708-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 08 Jul 2021 23:21:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
il-trc-events.taboola.com/associatedpress-apnews/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/associatedpress-apnews/log/3/social?route=AM:IL:V&tvi2=5434&lti=deflated&ri=1073e730fc596519524cfe25216538c0&sd=v2_f9d77c4ea229a72167e2ae413f9ea099_9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5_1625786485_1625786485_CNawjgYQieo_GLWWtMOoLyABKAEwFjjqxgdA34YQSMOG2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&pi=/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&wi=-2834028133200981491&pt=text&vi=1625786485557&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22link%22%2C%22nm%22%3A%22linkbox%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22In%20crosshairs%20of%20ransomware%20crooks%2C%20cyber%20insurers%20struggle%22%2C%22sec%22%3A%22AP%20Top%20News%22%2C%22aut%22%3A%5B%22FRANK%20BAJAK%22%5D%2C%22img%22%3A%22https%3A%2F%2Fstorage.googleapis.com%2Fafs-prod%2Fmedia%2Fd207e3790bc44be485f5b6d0916d773a%2F2000.jpeg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A21%3A25.959&id=1254&llvl=1&cv=20210708-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 08 Jul 2021 23:21:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
0065ceedd272be4f356c77c0efd2340b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0065ceedd272be4f356c77c0efd2340b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab66b49de44d348eaa5288a9c5587b09a00ba9700d3fec7b8975056a5c9885d

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
2564870
edge-cache-tag
316537730347715979765982547768343520755,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
52
expiration
expiry-date="Mon, 05 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0065ceedd272be4f356c77c0efd2340b.jpg
content-length
5818
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 04 Jun 2021 07:56:00 GMT
server
nginx
x-timer
S1625786486.992085,VS0,VE0
etag
"df192c2a5beb9f4e641af67e772d0316"
x-served-by
cache-wdc5524-WDC, cache-dca12923-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
18b750e73934b0cdc210baf492866cae.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18b750e73934b0cdc210baf492866cae.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eede0017dee78ca316f8121a6bfdb727201b149d723284ac3f490711c1f5134f

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
1183127
edge-cache-tag
378290534055236862216371466627337492190,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
52
expiration
expiry-date="Mon, 05 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18b750e73934b0cdc210baf492866cae.jpg
content-length
9452
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 04 Jun 2021 03:22:42 GMT
server
nginx
x-timer
S1625786486.992055,VS0,VE1
etag
"4d9901839846a130334a2ae49646eb7e"
x-served-by
cache-wdc5542-WDC, cache-dca12929-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff121bdcafdc5c158ef3b7b0bc3e3c8207c8b8db9ec25e6298c1a6878950493e

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
2565462
edge-cache-tag
322089413535885002890087190934422546620,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
33
expiration
expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
10816
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 28 May 2021 18:09:31 GMT
server
nginx
x-timer
S1625786486.992085,VS0,VE0
etag
"b491a450215e5f41c3c5aa112a25c72e"
x-served-by
cache-wdc5553-WDC, cache-dca12925-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
81c47cd398bfb36df004c8773a22b024.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52e953fbf1910f6744c4c02762619ab6374f346c4b1ea47f11190cd662799462

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
2459966
edge-cache-tag
425835379569954214865319743616880450737,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
content-length
5738
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 12 May 2021 09:43:14 GMT
server
nginx
x-timer
S1625786486.992051,VS0,VE1
etag
"787444fceb2177d390e176614b06edbc"
x-served-by
cache-wdc5579-WDC, cache-dca17783-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a92987abbfe6cc13e84c7f899a8b7616.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a92987abbfe6cc13e84c7f899a8b7616.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d814faf3632614469d21e426e96e614e8a1f4406faed4724edecc1f79647749

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
1220842
edge-cache-tag
518576802508439941460603037788797432303,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
145
expiration
expiry-date="Fri, 16 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a92987abbfe6cc13e84c7f899a8b7616.jpg
content-length
9414
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 15 Jun 2021 11:52:04 GMT
server
nginx
x-timer
S1625786486.992029,VS0,VE1
etag
"ca11a788b223ac9cd56ce6633c4445a6"
x-served-by
cache-wdc5583-WDC, cache-dca17748-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
dc9818e24c339b0f4c066314a7bfe71e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
15 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
884d0c1225c835eeb68da0c793c69d4c8f3876961c8274a9744e3e9d7b330313

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 08 Jul 2021 23:21:25 GMT
via
1.1 varnish, 1.1 varnish
age
2452268
edge-cache-tag
316376964530947663731713002560942685493,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
28
expiration
expiry-date="Wed, 16 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
content-length
15314
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Sun, 16 May 2021 00:23:21 GMT
server
nginx
x-timer
S1625786486.992019,VS0,VE1
etag
"08edacc775c0e1df1b8259e8c9010639"
x-served-by
cache-wdc5560-WDC, cache-dca17748-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
The-Picture-Told-the-Tale-20200927103417-20200927103417.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/The-Picture-Told-the-Tale-20200927103417-20200927103417.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
433fcdad91d9d05a84db76ae4e351d52e8ec0243689f67172331ca741359f3c5

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2474912
edge-cache-tag
576997071064135898488816806392315387193,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/The-Picture-Told-the-Tale-20200927103417-20200927103417.png
content-length
11302
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 27 May 2021 09:58:14 GMT
server
nginx
x-timer
S1625786486.024535,VS0,VE1
etag
"2bc9689c3e04db240a97f7046ce7437a"
x-served-by
cache-wdc5564-WDC, cache-dca17724-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5481f86f2d091e839c886234e27d39515ad60598c2d807ec79250a01225e9365

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
181417
edge-cache-tag
449640135473046325052155295384394087882,559791408167767404370807861924862539984,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
599
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
content-length
7520
x-request-id
7648a3c3646e1ad2406686d6124d3c5b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 06 Jul 2021 20:54:19 GMT
server
nginx
x-timer
S1625786486.035004,VS0,VE0
etag
"1f29fcbb8bd6aeb0e53a3d526351b927"
x-served-by
cache-wdc5559-WDC, cache-dca17771-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8a6b23aa6d5fc070072adce8e8c20c5173525c34186b34c45cce35a4e48c224

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
181468
edge-cache-tag
449640135473046325052155295384394087882,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
474
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
content-length
5504
x-request-id
9c0b67de2efb03ae30930c661bbdebe0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 06 Jul 2021 20:54:19 GMT
server
nginx
x-timer
S1625786486.043242,VS0,VE0
etag
"011b7ff99b0e22664c825ec0db8381a8"
x-served-by
cache-wdc5541-WDC, cache-dca12927-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
3000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/3000.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bae0ae7c30cbe9a00435d9d895f9abbc6a58ecb66fbea89f92398a6243a35151

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
277925
edge-cache-tag
478264935070470489526526113391334663495,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
5188
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/3000.jpeg
content-length
14786
x-request-id
15cafa0e7c8ea0caa7af98680f10fd68
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Mon, 05 Jul 2021 17:49:44 GMT
server
nginx
x-timer
S1625786486.043227,VS0,VE0
etag
"779a9563469f7a27acf6a07969f30198"
x-served-by
cache-wdc5573-WDC, cache-dca17729-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/
5 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/2000.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
003067fe36f7cf90315dcfd69c0984e974db0bd5f677bfc007ef459fe5fa93bc

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
171773
edge-cache-tag
404450289657252768306346679856992419911,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
526
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/2000.jpeg
content-length
4862
x-request-id
598fc269b2894abb03b0d0e52091ee7c
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 06 Jul 2021 23:38:31 GMT
server
nginx
x-timer
S1625786486.043356,VS0,VE0
etag
"d2b32654a01206a8e7de1c309ca3737d"
x-served-by
cache-wdc5549-WDC, cache-dca17751-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 3
0065ceedd272be4f356c77c0efd2340b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0065ceedd272be4f356c77c0efd2340b.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab66b49de44d348eaa5288a9c5587b09a00ba9700d3fec7b8975056a5c9885d

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2564870
edge-cache-tag
316537730347715979765982547768343520755,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
52
expiration
expiry-date="Mon, 05 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0065ceedd272be4f356c77c0efd2340b.jpg
content-length
5818
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 04 Jun 2021 07:56:00 GMT
server
nginx
x-timer
S1625786486.083450,VS0,VE0
etag
"df192c2a5beb9f4e641af67e772d0316"
x-served-by
cache-wdc5524-WDC, cache-dca12923-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
18b750e73934b0cdc210baf492866cae.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18b750e73934b0cdc210baf492866cae.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eede0017dee78ca316f8121a6bfdb727201b149d723284ac3f490711c1f5134f

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
1183127
edge-cache-tag
378290534055236862216371466627337492190,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
52
expiration
expiry-date="Mon, 05 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18b750e73934b0cdc210baf492866cae.jpg
content-length
9452
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 04 Jun 2021 03:22:42 GMT
server
nginx
x-timer
S1625786486.083948,VS0,VE0
etag
"4d9901839846a130334a2ae49646eb7e"
x-served-by
cache-wdc5542-WDC, cache-dca12929-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff121bdcafdc5c158ef3b7b0bc3e3c8207c8b8db9ec25e6298c1a6878950493e

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2565462
edge-cache-tag
322089413535885002890087190934422546620,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
33
expiration
expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
10816
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 28 May 2021 18:09:31 GMT
server
nginx
x-timer
S1625786486.084102,VS0,VE0
etag
"b491a450215e5f41c3c5aa112a25c72e"
x-served-by
cache-wdc5553-WDC, cache-dca12925-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
81c47cd398bfb36df004c8773a22b024.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52e953fbf1910f6744c4c02762619ab6374f346c4b1ea47f11190cd662799462

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2459966
edge-cache-tag
425835379569954214865319743616880450737,485560574337720760582784915800773492179,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
content-length
5738
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 12 May 2021 09:43:14 GMT
server
nginx
x-timer
S1625786486.084147,VS0,VE0
etag
"787444fceb2177d390e176614b06edbc"
x-served-by
cache-wdc5579-WDC, cache-dca17783-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
a92987abbfe6cc13e84c7f899a8b7616.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a92987abbfe6cc13e84c7f899a8b7616.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d814faf3632614469d21e426e96e614e8a1f4406faed4724edecc1f79647749

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
1220842
edge-cache-tag
518576802508439941460603037788797432303,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
145
expiration
expiry-date="Fri, 16 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a92987abbfe6cc13e84c7f899a8b7616.jpg
content-length
9414
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 15 Jun 2021 11:52:04 GMT
server
nginx
x-timer
S1625786486.084209,VS0,VE0
etag
"ca11a788b223ac9cd56ce6633c4445a6"
x-served-by
cache-wdc5583-WDC, cache-dca17748-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
dc9818e24c339b0f4c066314a7bfe71e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
15 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
884d0c1225c835eeb68da0c793c69d4c8f3876961c8274a9744e3e9d7b330313

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2452268
edge-cache-tag
316376964530947663731713002560942685493,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
28
expiration
expiry-date="Wed, 16 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
content-length
15314
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Sun, 16 May 2021 00:23:21 GMT
server
nginx
x-timer
S1625786486.084254,VS0,VE0
etag
"08edacc775c0e1df1b8259e8c9010639"
x-served-by
cache-wdc5560-WDC, cache-dca17748-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/ Frame 90B6
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ddf25ea0b1003423a1b7dc585bc2c8bc79c67a77c86a95e3c5b01e9eab870aa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/4723254789747150609/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1317
date
Tue, 06 Jul 2021 09:53:41 GMT
expires
Wed, 06 Jul 2022 09:53:41 GMT
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
221265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 39C5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQBMBdYjnYLuLEamLjuwP4uGm8APa8rXBY9eYs8n6DZXi2vqxCRABIOvI2gtgufjHgNwBoAGAkeGiAsgBCakCXuOVX-jcsz7gAgCoAwHIAwiqBKwCT9BWHNzR1Ocue7rum5wMqXwK1u4Ro4LJRqsZE00aSnS4vjwBDNgyfwPV3gyAS9yIGKJ-nkYq9bNFESXnt69G4nBWr4r60lLdFkPnQd8ro1-n4BV_U2V1ZTdrIHBUsPyP4O9TqMIXv9ZNcPaZqipXeZPbxt9k14gvq8qtUsXapQ78xcpAfVL618jLONy9cDrFkXAAplJsGjpNyOMjvMkBHNXZa0g6Zb0nltVPw819aHmKi2Dwq324FxBR8E6kCgytn7frHy7UTYdqg5QCXGclMSJVzAtg0LaHui2l5TPFE2DkgBMRxZVg8tIxl4RQtovt03152l7OlulRqkuXvv3uHJKnIiy87PxAEVt3fnC96sDJv6zcQHGWxheXDGj8UzaeIAI6hHLAUuw6jj13wASSsZvJuQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH6O6e3QGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQoukF0ggJCIjhgHAQARgdgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTk4ODg2NDg0ODczMDQ3MzQ&sigh=OckA-L_kRH0&template_id=419
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 39C5
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:02:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 39C5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:20:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:20:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39C5
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:26 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 39C5
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:18:13 GMT
l
www.google.com/ads/measurement/ Frame 39C5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLH9Hn117lCZV2HVLzSnilCRTpZA1v13KDvooAFaJV75qxPgjMEUzCr8EFkvDCnp1n_SMp
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
73 KB
17 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23bde649527f61cb0d330f3427847934c13a0728538fdbd95820f9f03538fe9d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16438678501148691484/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 08 Jul 2021 23:21:26 GMT
expires
Fri, 08 Jul 2022 23:21:26 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 4006
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1ZkodYjnYO2KEamLjuwP4uGm8APRydnfXarl9qHpC-Pv8_0IEAEg68jaC2C5-MeA3AGgAfGZ9vsDyAEJqQJe45Vf6NyzPuACAKgDAcgDCKoEqQJP0FiBl-ND4_UFW1HSosGO4RS5W07yNlmEA4RXekSuDvl2cNnK7EX-uVzE1E1ux39YMc-8fEvTblv6-uqTO5sa2W7y20lRI5gLK7G0dbW4_o_fXAU5dHHJuxWozdxzkRIOKMN-iuFjXdvCkLFFg6coxq2N7tCJy_UfQEfExJ5kguK6UP8ZiqMLQ42r3XI9WGVo-_zwcS-0rm6Cb1rmIEPx5aOlB6Rcoop_cwfnpi_-8rvDD5HFREf8nvv7e2vnOepoXn_8LJjWAGoTH1jhaFz7wheWBddJUKCbVZWhfx5ESC4K_0n3lqFarFjvNxqkig5f5UF826_9vvwNI_MBP3iZpgVcN_qZSi6tyNyGyYJKjVI63ox42K-0j8LxyO1SXCrcKBwU0Wp4zfTABLvJhNgQ4AQBkgUECAQYAZIFBAgFGASgBi6AB_fliQSoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQl8wa0ggJCIjhgHAQARgdgAoByAsB2BMC0BUBmBYBgBcBshcaChgIABIUcHViLTk4ODg2NDg0ODczMDQ3MzQ&sigh=gJPQaZ1RBDI&template_id=419
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 4006
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:02:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 4006
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:20:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:20:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4006
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:26 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:21:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 4006
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 23:18:13 GMT
l
www.google.com/ads/measurement/ Frame 4006
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcdSaOjoCCSgBziZZNGMLpin6-lyqwhn3D_MT8PHsal99xAP-wdYFnG4uqAp-tsUMRbwiD
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3AD9
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 08 Jul 2021 21:23:29 GMT
expires
Fri, 08 Jul 2022 21:23:29 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 116C
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c873538e2d3ae85d1e8115eed0e0bea173955669a406d570c39cf56f7b180d07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G04PrH/BqTwF0zYyIRRHXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

expires
Thu, 08 Jul 2021 23:21:26 GMT
date
Thu, 08 Jul 2021 23:21:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-G04PrH/BqTwF0zYyIRRHXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8a6b23aa6d5fc070072adce8e8c20c5173525c34186b34c45cce35a4e48c224

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
181468
edge-cache-tag
449640135473046325052155295384394087882,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
474
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
content-length
5504
x-request-id
9c0b67de2efb03ae30930c661bbdebe0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 06 Jul 2021 20:54:19 GMT
server
nginx
x-timer
S1625786486.132364,VS0,VE0
etag
"011b7ff99b0e22664c825ec0db8381a8"
x-served-by
cache-wdc5541-WDC, cache-dca12927-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
3000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/3000.jpeg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bae0ae7c30cbe9a00435d9d895f9abbc6a58ecb66fbea89f92398a6243a35151

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
277925
edge-cache-tag
478264935070470489526526113391334663495,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
5188
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/223c1d629ed74805bb401ae4a02d0b8d/3000.jpeg
content-length
14786
x-request-id
15cafa0e7c8ea0caa7af98680f10fd68
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Mon, 05 Jul 2021 17:49:44 GMT
server
nginx
x-timer
S1625786486.132463,VS0,VE0
etag
"779a9563469f7a27acf6a07969f30198"
x-served-by
cache-wdc5573-WDC, cache-dca17729-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/
5 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/2000.jpeg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
003067fe36f7cf90315dcfd69c0984e974db0bd5f677bfc007ef459fe5fa93bc

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
171773
edge-cache-tag
404450289657252768306346679856992419911,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
526
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/7bf8feb825744767a00162604e176de9/2000.jpeg
content-length
4862
x-request-id
598fc269b2894abb03b0d0e52091ee7c
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 06 Jul 2021 23:38:31 GMT
server
nginx
x-timer
S1625786486.132547,VS0,VE0
etag
"d2b32654a01206a8e7de1c309ca3737d"
x-served-by
cache-wdc5549-WDC, cache-dca17751-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 4
The-Picture-Told-the-Tale-20200927103417-20200927103417.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/The-Picture-Told-the-Tale-20200927103417-20200927103417.png
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
433fcdad91d9d05a84db76ae4e351d52e8ec0243689f67172331ca741359f3c5

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
2474912
edge-cache-tag
576997071064135898488816806392315387193,411341986282941711410028105536646723243,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_255%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.crafthought.com/wp-content/uploads/2020/09/27103417/The-Picture-Told-the-Tale-20200927103417-20200927103417.png
content-length
11302
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 27 May 2021 09:58:14 GMT
server
nginx
x-timer
S1625786486.132618,VS0,VE0
etag
"2bc9689c3e04db240a97f7046ce7437a"
x-served-by
cache-wdc5564-WDC, cache-dca17724-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
2000.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5481f86f2d091e839c886234e27d39515ad60598c2d807ec79250a01225e9365

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 08 Jul 2021 23:21:26 GMT
via
1.1 varnish, 1.1 varnish
age
181417
edge-cache-tag
449640135473046325052155295384394087882,559791408167767404370807861924862539984,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
599
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_260%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/afs-prod/media/066d4ad9fb0443c4b1f186f769f4dfb8/2000.jpeg
content-length
7520
x-request-id
7648a3c3646e1ad2406686d6124d3c5b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 06 Jul 2021 20:54:19 GMT
server
nginx
x-timer
S1625786486.132996,VS0,VE0
etag
"1f29fcbb8bd6aeb0e53a3d526351b927"
x-served-by
cache-wdc5559-WDC, cache-dca17771-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2891
143 B
446 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 23:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 90B6
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 90B6
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 12:37:33 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 90B6
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:21:26 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/ Frame 90B6
55 KB
16 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
479c048b9a6c05e29607e7c9f87a39eedaf829c8b459dc19c15383552089229e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
209981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16369
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Tue, 06 Jul 2021 13:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 13:01:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0314
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 23:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 39C5
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14692fdeb674408dac10f0e7a08a752f5b03c2c8e8eb9be325c0a140d10d3a01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4006
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f21a3c451af2c9dfb35e3599075097cbca03c983e28d311320b10a7eb0f8746e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
back_grapefruit_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/ Frame 90B6
60 KB
60 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/back_grapefruit_300x250.jpg?1622468993070
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaa0c923a43a0cac8b3f4f1cb18dea8db20784ae26f9c24663fccd5302113e61
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
209277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61787
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Tue, 06 Jul 2021 13:13:29 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 13:13:29 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 84CE
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 18:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 18:13:47 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 84CE
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 12:37:33 GMT
u5qa6Bce0_JDlbgkcQuMCffbH_LjsHWDv7QaTzlh7sk.js
pagead2.googlesyndication.com/bg/ Frame 3AD9
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/u5qa6Bce0_JDlbgkcQuMCffbH_LjsHWDv7QaTzlh7sk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb9a9ae8171ed3f24395b824710b8c09f7db1ff2e3b07583bfb41a4f3961eec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 15:14:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
115623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13289
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 15:14:23 GMT
grape.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/ Frame 90B6
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/grape.png?1622468993070
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f034d8d0cd9d9a2a24b6d1e89cb973e8295f0e2ff7b9ae9e956eb9d25efe3154
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
211543
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20479
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Tue, 06 Jul 2021 12:35:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 12:35:43 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2891
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlCObEeXO7Brkm5Nbe3xx2Hcq7g-HZIElKpVFcpk-2rMxxkHD4PKVtOyecOhgY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Jul 2021 23:21:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 09-Jul-2021 00:21:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Jul 2021 23:21:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Jul 2021 23:21:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0314
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlCObEeXO7Brkm5Nbe3xx2Hcq7g-HZIElKpVFcpk-2rMxxkHD4PKVtOyecOhgY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Jul 2021 23:21:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 09-Jul-2021 00:21:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Jul 2021 23:21:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Jul 2021 23:21:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
leave.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/ Frame 90B6
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/leave.png?1622468993070
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f81b3627b64108f0cf76cff067833e7128ae082b99e50ce449efbf8cc9e6f35
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
243342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7481
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Tue, 06 Jul 2021 03:45:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:45:44 GMT
btn-lg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/btn-lg.png
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f8533a075cb8aec88d465d31d3e1da76c32ce4c75f155f83db3478aa2ef1052
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
222209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3218
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
server
sffe
date
Tue, 06 Jul 2021 09:37:57 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:37:57 GMT
text2-lg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/text2-lg.png
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21de7f8cc9b0400ea4941db213715e2997b1c75380c0dee2df1aff3b88972f7b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1958
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
server
sffe
date
Thu, 08 Jul 2021 23:21:26 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Jul 2022 23:21:26 GMT
logo-xl.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/logo-xl.png
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d67ad7eaa996afaedde34c455d243f6792d54585f882c40768ea2ebf81df80c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
222209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9432
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
server
sffe
date
Tue, 06 Jul 2021 09:37:57 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:37:57 GMT
text1-lg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/text1-lg.png
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcb67d9a1966cf84da39aa4d9b1a7f89f56bfb59efb28e32c105ba567cef9457
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
192173
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2188
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
server
sffe
date
Tue, 06 Jul 2021 17:58:33 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 17:58:33 GMT
sigrid-lg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/ Frame 84CE
61 KB
61 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16438678501148691484/sigrid-lg.png
Requested by
Host: e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com
URL: https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d3fec62c76ee64b16ba98307d09e0c2911cd19c0c92b54db9e3b66b587b996e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
192173
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62410
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 17:20:41 GMT
server
sffe
date
Tue, 06 Jul 2021 17:58:33 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 17:58:33 GMT
leaves_r.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/ Frame 90B6
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/leaves_r.png?1622468993070
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f587456f5ce3d45ff3e4407644eb324f0a61c35e7f03a0d94b665ae7ee3efc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
233849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26417
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Tue, 06 Jul 2021 06:23:57 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:23:57 GMT
leaves_rb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/ Frame 90B6
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4723254789747150609/images/leaves_rb.png?1622468993070
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3196d7a62bb14115f74402b9b7b4e1dd13a1839417277045ff24bcf213f7b355
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
261525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16138
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 07:55:24 GMT
server
sffe
date
Mon, 05 Jul 2021 22:42:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 22:42:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070701&jk=1213583501073380&bg=!c3ClcDTNAAbV4AdB1eA7ACkAdvg8WqzzPFrhHp22_V2LUbcpQSYe9qApaYtJ0S4Q7ECLB9vqgZUDVQIAAACdUgAAAAtoAQcKALB3SDHPBry5szu0-qB1KZC89Dy0cDu-Y6m467eSTsXGixv1IsEtD29zChury7W_B2ijD-2lWnbTrE4sAjycTpqZbgtvP-2Bg7LQAJeYIm3UCEH3RrouYx6E0kK-I6wBKhNib843rGwU4gTN01tosX5TaGfZQuDPi5W9yocVA3uYdTHNkjsXKaQ8kIYC0sIM-ohoj7kanKI1Aj_h1zDWZBEkyQm7ndXkTjseivtm6bmfUpkCbWD0-fYTYl4VxVv957E68rHwVJZkeJeDh5urQZ6k_f-0MeT5V3r3QBnyn3iy1eh_EIE22xfZBgozN6sQb5-2WoDGNH5kblMGPUGUtRqNLO70n9Y565qp1nZ_XGQKwYVMh98UNvfigYE2fAKEixl_bi9znK3NKiTmoyU1BoJDp_zE82o0Hes3ap27QpZ2qm5AzG9A5KWCnqbB3iRW93HHtqlbrQHKGWuS4jYf2id2c3gZI4g0AoYrvbdYHw9_NCCjO9SWhaMvbXzR1FoA5Fq9P4AnypJaoWfjzTfMuDzqAkC5F6vghiQ9zIfwylaTg808BhWsmrfy3l8JbrlnD6PQOc59nYzLMYryZTKH_oxQPXzL8OoM3TZ-EqH4lnd5s_tsb84wnWyzMIB-0wqmVqaV53uLjqK8FQrSlf9f2Lu4pCw5Vv2Ufuc3mkCjM4Nl2wqmEJIkXufBRW1h0RAJziq_WTFapL50r4wl69ySiPLUcVZ5ohXE9bDO-CrU4VXAmpXzqaqwWp5M2ay0F-m0ryHEqU4ljUZNPFVdd1KVR1ow33JPT03InzKitpzYad95GesqyCYXkS53h5FcgwK1ncG1dOjQqPYIrzQPQLq0kR4UyJha-QGY4EHiljh1pSAYbsoMVQr32oITKa97MlmfWqPHooRqWrHyt4-HwAEZ77a9uGVVlUkgHU371iOT_trJzuQO5eWX6SirQetbElzB0TQn8bQ3zrV7t-QJKnuQx38hWeRtXEeRRbKJZpWIKv9TnilJGPxfsfmZo7AG2GGxm9bk7l1YGbn_IlF4cTwrrYSsp5u0sTQ-8UJK8uVymsXjBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/associatedpress-apnews/log/3/
0
298 B
XHR
General
Full URL
https://trc.taboola.com/associatedpress-apnews/log/3/bulk?tvi2=5434&route=AM%3AIL%3AV&lti=deflated&bulkSize=5
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
57
pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1625786487.975879,VS0,VE57
x-served-by
cache-hhn11578-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://apnews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/associatedpress-apnews/log/3/
0
61 B
XHR
General
Full URL
https://trc.taboola.com/associatedpress-apnews/log/3/visible?tvi2=5434&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
54
pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1625786487.041893,VS0,VE54
x-served-by
cache-hhn11578-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://apnews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
711 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: apnews.com
URL: https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
24295
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Olb+YyDQBKGh7cwueQ5LeIGsXnGNg1fxi90sFl9BDpDVxzFbv82yCyTcgo7/5nBaVt7MgHnSa+E=
x-served-by
cache-hhn11578-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1625786487.087314,VS0,VE0
date
Thu, 08 Jul 2021 23:21:27 GMT
x-amz-request-id
5QBDV5MFESKPZMG3
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
52
x-cache-hits
21342
activeview
pagead2.googlesyndication.com/pcs/ Frame 39C5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL9M6zAzYW9QfqzIYXvvm-6zAZ3qkWlaEM9LqBHNjhU9F228OjQs42WtDp7okc6zESO6faJqHbny6bMjpgET42ewDO7v_O0Y5Hfkm8Y5MyiDON3pJyZsC1XzGbthTxEcYBbXidLRO-UaNXcWerHqWb&sai=AMfl-YTu22OMgAKGVpafFyh96tDbi0T3w8WWutmhr30bzcFmCWbboY0As11VgqC3ecQrbG-6uGBF58AOVl81JrhsvsCkEThVctFcAnf8xxsJngJogs7urW85TljyXRE-5G0&sig=Cg0ArKJSzCHeZImhgzciEAE&cid=CAASPeRo7tBvK90QjEdawxt-mfhLTt4CZ-5-RT7V7lVT4t0kzSuFvMLj_Gr_FwJRnGZvZo_IQ5j2BpWzgkZpPCw&id=lidar2&mcvt=1000&p=485,1180,735,1480&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210707&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=740412024&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625786485880&dlt=65&rpt=340&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4fbcbe6ebde3b6f77a570bbc2d32d45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sv
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/sv?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
sync.php
pixel.rubiconproject.com/exchange/ Frame 9EF1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=I5pGpRMAgJN5&ev=1&orig=trc&pid=562107
0
245 B
Image
General
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=I5pGpRMAgJN5&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3871

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=I5pGpRMAgJN5&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-hn2gw
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6382237004404105658&orig=trc
0
256 B
Image
General
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6382237004404105658&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Thu, 08 Jul 2021 23:21:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3896

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:27 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
da3a515b-9ca1-4017-b64f-7127d62048ff
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6382237004404105658&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKU94WaUuIcxC_A0eKX1qRU&google_cver=1
0
254 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKU94WaUuIcxC_A0eKX1qRU&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
65
date
Thu, 08 Jul 2021 23:21:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1625786488.999250,VS0,VE65
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKU94WaUuIcxC_A0eKX1qRU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9EF1
42 B
545 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:270
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 9EF1
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7
tbl-x-upstream
10.41.10.104:10213
date
Thu, 08 Jul 2021 23:21:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3896
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c1d6e43-93df-4a82-953f-20f31675ff4b
0
60 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c1d6e43-93df-4a82-953f-20f31675ff4b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
52
date
Thu, 08 Jul 2021 23:21:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1625786488.092047,VS0,VE52
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c1d6e43-93df-4a82-953f-20f31675ff4b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 9EF1
43 B
831 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:27 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9EF1
49 B
406 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-h8jcm
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 9EF1
43 B
697 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 9EF1
0
59 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:27 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4a421cee-498d-4e20-b8f0-69a98ab90911
0
254 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4a421cee-498d-4e20-b8f0-69a98ab90911
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3854

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 08 Jul 2021 23:21:27 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4a421cee-498d-4e20-b8f0-69a98ab90911
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3240
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 08 Jul 2021 00:00:00 GMT
6.gif
id5-sync.com/c/464/108/2/ Frame 9EF1
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOaAXgS-PwgBJxUEoOw9jC9IxEt_y7QOzSQpDg-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOaAXgS-PwgBJxUEoOw9jC9IxEt_y7QOzSQpDg-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=f0dc6808-94b2-43c5-999e-9b6258f7e567&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPLhJaPZKp2nZ_cpjGpj7eg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6382237004404105658&opid=apx&ops=&utidl=tech:goo:CAESEPLhJaPZKp2nZ_cpjGpj7eg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18826157233&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=9e7a5ff0cc6f879e3c36cf93bf806db0&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=e170d268-0773-4504-98c0-21dc1b6ed16f&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=7d455a0d-b36f-4c7e-a683-d0ed05cca6b9&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/464/108/2/6.gif?puid=7d455a0d-b36f-4c7e-a683-d0ed05cca6b9&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.228.227.58 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 23:21:29 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/464/108/2/6.gif?puid=7d455a0d-b36f-4c7e-a683-d0ed05cca6b9&gdpr=1&gdpr_consent=
date
Thu, 08 Jul 2021 23:21:29 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 9EF1
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=o6inVX6xCfOboxDveIjnYA
0
247 B
Image
General
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=o6inVX6xCfOboxDveIjnYA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11807

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=o6inVX6xCfOboxDveIjnYA
date
Thu, 08 Jul 2021 23:21:28 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 9EF1
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 08 Jul 2021 23:21:21 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9EF1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=71de3f73d2fd4516a21eaeb87566a19b&ssp=taboola&bsw_param=b601acac-3399-4085-95d3-37f4957f358e&gdpr=0&consent=&gdpr_pd=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b601acac-3399-4085-95d3-37f4957f358e
0
254 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b601acac-3399-4085-95d3-37f4957f358e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7185

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b601acac-3399-4085-95d3-37f4957f358e
date
Thu, 08 Jul 2021 23:21:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9EF1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd&tbid=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7&query=taboola_hm%3D18b7c76b-db2e-...
0
53 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd&tbid=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7&query=taboola_hm%3D18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1625786488.267027,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd&tbid=618bd5e3-3f85-4b4b-a824-e44be02fc952-tuct7e10df7&query=taboola_hm%3D18b7c76b-db2e-4e1e-b8b8-6bf27aca63cd&isDirect=0
tbl-x-upstream
10.41.10.199:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
5502
sd
u.openx.net/w/1.0/ Frame 9EF1
43 B
122 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:28 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 9EF1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=832c38ca-bc8a-52be-bcf0-6abbdc17e2c3
0
255 B
Image
General
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=832c38ca-bc8a-52be-bcf0-6abbdc17e2c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3863

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=832c38ca-bc8a-52be-bcf0-6abbdc17e2c3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 9EF1
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-224-87.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:27 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 9EF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=819jFZweQvOG3C664PWD9A&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&ui=819jFZweQvOG3C664PWD9A
0
113 B
Image
General
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&ui=819jFZweQvOG3C664PWD9A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Thu, 08 Jul 2021 23:21:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
3864

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&ui=819jFZweQvOG3C664PWD9A
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9EF1
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.83.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 08 Jul 2021 23:21:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding
gzip
etag
"be95692a7dfb1dc3e8629518230a5ec3"
age
28173
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
899
x-amz-id-2
r6l3tKy2bpJUs2hDEPModElWrdrPvnCgDH9URgDwWqurcptvZXS47FQLozu4toPKdKPNOpwdjow=
x-served-by
cache-hhn11578-HHN
last-modified
Wed, 09 Jun 2021 22:03:44 GMT
server
AmazonS3
x-timer
S1625786488.912638,VS0,VE0
date
Thu, 08 Jul 2021 23:21:27 GMT
vary
Accept-Encoding
x-amz-request-id
MX4Q6N7CBJ0TZF9W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
52
x-cache-hits
645491
/
pips.taboola.com/
64 B
236 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:27 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19175-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://apnews.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=9fb89a44-299a-4677-a739-ab4ac3453e0f-tuct7e10df5&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 08 Jul 2021 23:21:28 GMT
Cache-Control
no-store
Server
nginx
Connection
close
publishertag.prebid.js
static.criteo.net/js/ld/
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Jul 2021 23:21:28 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9e8b2065-97f3-4907-b557-aef5074fb073&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHYR9Oxi5xjmpoi1VeY-Da0&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHYR9Oxi5xjmpoi1VeY-Da0&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:28 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 23:21:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHYR9Oxi5xjmpoi1VeY-Da0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame F811
291 B
724 B
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=apnews.com
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=apnews.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=4a421cee-498d-4e20-b8f0-69a98ab90911

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3305
set-cookie
uid=4a421cee-498d-4e20-b8f0-69a98ab90911; expires=Fri, 08 Jul 2022 23:21:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 08 Jul 2021 23:21:28 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Jul 2021 23:21:28 GMT
debug
il-trc-events.taboola.com/associatedpress-apnews/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/associatedpress-apnews/log/2/debug?tim=01%3A21%3A30.931&type=warn&msg=Load%20publisher%20card%3A%20Split%201%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20%23div-gpt-ad-1470255291270-X%20failed%20after%205%20retries&id=8645&cv=20210708-5-RELEASE&lt=deflated&idx=pc&pc=Split%201&st=0&sel=%23div-gpt-ad-1470255291270-X&slot=5&plat=DESK
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59513
ad4dfdc9-bafe-4f97-bf8f-e707b5d9a393.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
10 KB
10 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/ad4dfdc9-bafe-4f97-bf8f-e707b5d9a393.jpg?crop=300:169,smart&width=300&height=169&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c11258c03c80911eada8b5f4614e5214df0b491e0ddb61ac56c86bc1c4cccfb8

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:31 GMT
age
238
etag
"3vC4IVjMBjj1KA//0kDwDUmeja0idzHO2V0vh/8f9V8"
access-control-max-age
86400
fastly-io-info
ifsz=761770 idim=3000x2323 ifmt=jpeg ofsz=9826 odim=300x169 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9826
82904243-888f-457a-aee2-aaef1847568f.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
21 KB
21 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/82904243-888f-457a-aee2-aaef1847568f.jpg?crop=646:436,smart&width=646&height=436&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5caa796413b1c80c2d35d054896901bf4b181a4c9a669d54defad46d099e05e7

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:32 GMT
age
244
etag
"upu/KTZW8cmjAB/bA/2kWLBdY+cqzzqrn7mJp5Ui8jE"
access-control-max-age
86400
fastly-io-info
ifsz=325014 idim=3000x2000 ifmt=jpeg ofsz=21134 odim=646x436 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21134
st
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
fd1b3668b4
bam-cell.nr-data.net/events/1/
24 B
498 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/fd1b3668b4?a=885832607&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=12068&ck=1&ref=https://apnews.com/article/kaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 08 Jul 2021 23:21:35 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://apnews.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
66bd0cbdea6100a7-AMS
Content-Length
24
3e54d5dc-4260-4a83-99ba-d2930a7b700b.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
21 KB
22 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/3e54d5dc-4260-4a83-99ba-d2930a7b700b.jpg?crop=646:436,smart&width=646&height=436&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46b610909c02047038751a87fa8989e966a68d157588f99c6966a86c757129c8

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:38 GMT
age
251
etag
"7/4m5mGyg2t6O3BBGsOzN6iaHlV50uiL1AlX8/alMBM"
access-control-max-age
86400
fastly-io-info
ifsz=422923 idim=3000x2000 ifmt=jpeg ofsz=21959 odim=646x436 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21959
st
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ad4dfdc9-bafe-4f97-bf8f-e707b5d9a393.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
36 KB
36 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/ad4dfdc9-bafe-4f97-bf8f-e707b5d9a393.jpg?crop=646:436,smart&width=646&height=436&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
185207229b83a35c5dcfebcf8998f3a733915f4e6791bec8bbef7aeff7248cdf

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:45 GMT
age
251
etag
"GaM5OezS77Pq4XwJFOMEWXWBh979OhFN+ol41mtzgyc"
access-control-max-age
86400
fastly-io-info
ifsz=761770 idim=3000x2323 ifmt=jpeg ofsz=37059 odim=646x436 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
37059
fbeacbff-5260-4487-8061-d3e4f3be8e6f.jpg
img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/
31 KB
31 KB
Image
General
Full URL
https://img.connatix.com/0aafcc17-5299-4bc7-8873-57f6f5fcf912/fbeacbff-5260-4487-8061-d3e4f3be8e6f.jpg?crop=646:436,smart&width=646&height=436&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb41df5dca003cc1c883f40a6b0593ec460248147b218e4d66e18ff456d471f8

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 23:21:51 GMT
age
264
etag
"RF2VM8vQzdOEtTHvAcaLFVP1IvTxLqrcKDg98sUU1/Y"
access-control-max-age
86400
fastly-io-info
ifsz=640515 idim=3000x2000 ifmt=jpeg ofsz=31476 odim=646x436 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31476
st
capi.connatix.com/tr/
0
291 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=123018
Requested by
Host: apnews.com
URL: https://apnews.com/newrelic/newrelic.browser.prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.117.14.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-117-14-33.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Jul 2021 23:21:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://apnews.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


8 Cookies

Domain/Path Name / Value
apnews.com/ Name: kxvisits
Value: 1
apnews.com/ Name: sailthru_pageviews
Value: 1
.apnews.com/ Name: _gat
Value: 1
.apnews.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Jul+09+2021+01%3A21%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=eb520424-8742-495c-98fd-27cbad4195ce&interactionCount=0&landingPath=https%3A%2F%2Fapnews.com%2Farticle%2Fkaseya-ransomware-attack-0705-4c2272cdd428ddfa1f3644d513566c06&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.apnews.com/ Name: _ga
Value: GA1.2.2140911353.1625786485
apnews.com/ Name: _tb_sess_r
Value:
.apnews.com/ Name: _gid
Value: GA1.2.120959887.1625786485
apnews.com/article Name: ntvSession
Value: {}

1 Console Messages

Source Level URL
Text
console-api warning URL: https://apnews.com/dist/index.js?hash=17a818664fd(Line 2)
Message:
[mobx.array] Attempt to read an array index (9) that is out of bounds (9). Please check length first. Out of bound indices will not be tracked by MobX

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
