www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Submission Tags: falconsandbox
Submission: On December 07 via api (December 7th 2020, 2:44:56 pm UTC) from US

Summary HTTP 193 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 18 domains to perform 193 HTTP transactions. The main IP is 64.140.127.168, located in London, Canada and belongs to START-, CA. The main domain is www.itworldcanada.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 28th 2020. Valid for: 3 months.

This is the only time www.itworldcanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	64.140.127.168 64.140.127.168	40788 (START-) (START-)
3	95.100.80.173 95.100.80.173	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
11	2600:9000:210... 2600:9000:2104:c400:3:dffb:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.218.220.0 52.218.220.0	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
14	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	178.62.192.243 178.62.192.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	64.140.127.183 64.140.127.183	40788 (START-) (START-)
4	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	64.140.127.175 64.140.127.175	40788 (START-) (START-)
3	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
4	64.140.127.151 64.140.127.151	40788 (START-) (START-)
39	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1 1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
193	30

38 64.140.127.168 (London, Canada)

ASN40788 (START-, CA)

www.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.80.173 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-80-173.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2104:c400:3:dffb:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.220.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

itworldcanada.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.192.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 64.140.127.183 (London, Canada)

ASN40788 (START-, CA)

messagent.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.140.127.175 (London, Canada)

ASN40788 (START-, CA)

tools.itwc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.140.127.151 (London, Canada)

ASN40788 (START-, CA)

bb.itwc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	itworldcanada.com www.itworldcanada.com i.itworldcanada.com messagent.itworldcanada.com	4 MB
43	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	473 KB
19	googlesyndication.com 933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	404 KB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	121 KB
8	cloudflare.com cdnjs.cloudflare.com	76 KB
8	googletagservices.com www.googletagservices.com	219 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	109 KB
5	itwc.ca tools.itwc.ca bb.itwc.ca	27 KB
5	iubenda.com cdn.iubenda.com www.iubenda.com hits-i.iubenda.com	103 KB
4	jsdelivr.net cdn.jsdelivr.net	8 KB
4	disqus.com itworldcanada.disqus.com disqus.com	34 KB
4	google.com 1 redirects adservice.google.com www.google.com	317 B
4	google-analytics.com 1 redirects ssl.google-analytics.com	51 KB
3	disquscdn.com c.disquscdn.com	230 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	google.de adservice.google.de www.google.de	276 B
2	amazonaws.com s3-us-west-2.amazonaws.com	28 KB
193	18

	Domain	Requested by
38	pbs.twimg.com	www.itworldcanada.com platform.twitter.com
38	www.itworldcanada.com	www.itworldcanada.com securepubads.g.doubleclick.net
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.itworldcanada.com
11	i.itworldcanada.com	www.itworldcanada.com
9	messagent.itworldcanada.com	www.itworldcanada.com
8	cdnjs.cloudflare.com	www.itworldcanada.com
8	www.googletagservices.com	www.itworldcanada.com securepubads.g.doubleclick.net
7	platform.twitter.com	www.itworldcanada.com platform.twitter.com
4	pagead2.googlesyndication.com	www.itworldcanada.com securepubads.g.doubleclick.net
4	bb.itwc.ca	www.itworldcanada.com bb.itwc.ca ajax.googleapis.com
4	cdn.jsdelivr.net	www.itworldcanada.com cdn.jsdelivr.net
4	ssl.google-analytics.com	1 redirects www.itworldcanada.com
3	c.disquscdn.com	itworldcanada.disqus.com
3	www.google.com	1 redirects securepubads.g.doubleclick.net
2	ton.twimg.com	platform.twitter.com
2	abs.twimg.com	www.itworldcanada.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.itworldcanada.com tools.itwc.ca
2	disqus.com	itworldcanada.disqus.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	itworldcanada.disqus.com	www.itworldcanada.com
2	s3-us-west-2.amazonaws.com	www.itworldcanada.com
2	cdn.iubenda.com	www.itworldcanada.com cdn.iubenda.com
1	syndication.twitter.com	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	tools.itwc.ca	www.itworldcanada.com
1	www.google.de	www.itworldcanada.com
1	stats.g.doubleclick.net	1 redirects
1	www.iubenda.com	cdn.iubenda.com
1	933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ajax.googleapis.com	www.itworldcanada.com
193	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
epubs.itworldcanada.com
www.itbusiness.ca
www.itwc.ca
www.technicity.ca
my.itworldcanada.com
www.nfn.ca
globalnews.ca
ca.linkedin.com
plus.google.com
digital.itwc.ca
lightningpr.ca
www.channeldailynews.com
www.directioninformatique.com
www.iubenda.com

Subject Issuer	Validity	Valid
itworldcanada.com Let's Encrypt Authority X3	`2020-10-28` - `2021-01-26`	3 months	crt.sh
www.iubenda.com DigiCert Secure Site ECC CA-1	`2020-02-18` - `2021-05-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
i.itworldcanada.com Amazon	`2020-03-11` - `2021-04-11`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-31` - `2022-01-30`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
messagent.itworldcanada.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
tools.itwc.ca Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
bb.itwc.ca Let's Encrypt Authority X3	`2020-10-13` - `2021-01-11`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Frame ID: EC258BFF65BB56002DD4620663F2C934
Requests: 76 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJDlb0aNqOCYxvXaSBJ1l9BoUIInqiAiZeNgC9lkkw08IG7PNsiSAvnGpKNIWxtFtR1IQ5k7PI6sq2x3lGS1YwQc13ei1rpV2MccIIx3s7KGZLBSQk_ePinyHW8lRRRfOsExfy8daht96gFv5pc4-aeGwfE5bhSomIcTyYJQY9ryIqOENpyDT-tPvnMztRlPyurm3kaC17sUCcq1xTa3FC0Rsett6ED21zkVxaLMxMwvzQIctzr8BtBDvKGNgupPT_6CcxyN0IRw&sai=AMfl-YRDG8m431DmSp8hsrUdFfXQRsW4Y6VfG0UQqGH0UalRIvk1GwV8S22dhaYzxUiwAPpjyGzZwB6PmqD4LKCQ60rJZi_LiPD3cRkk5OUd1og0wYbzU5BARVO7gC6c2kU&sig=Cg0ArKJSzGcBOa5AmF-MEAE&adurl=
Frame ID: E005A6B98DC142249D1B7F3796D55F71
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0XNNAbfdA9jQJQa9NXt8jG5aj4RlU-qw_ZI6Ro9PyxYg9dx-TUgVKmvnas1p3HmIa2nW1s2Ngac2VaWaKYOt4buN6nS4gXqxaKvC7-RoY_BoUWIkZWeinCjskTjoMEDbXObQCUbIP5Oez-JdJuBnhrJHE5x-IxEtmZJFG_qZxmMBulV8nIMGw76ClqSbEbyvFXGMtckXDtkIhmqzaZK1hzzjtNU0MDXBuvAQjzrwbe7RSPHzCGf9zLbBwQoHWiT1uTRQjYOhR-3CA18w&sai=AMfl-YQfOFGVDbbOkbJYefgZHa6ZrvygBRyZHwuTyHllUB42ZBqZVFCCz5pc8tIOuxdahkC9vU273i5ZjRZj2QDFUgNR5UHk2wkzuu9yWDesOWHLAf9kshxNu_eF8B7eCRQ&sig=Cg0ArKJSzM_ZDxRxtqhsEAE&urlfix=1&adurl=
Frame ID: 194EB313F95AE31047AE1C5D46B81980
Requests: 5 HTTP requests in this frame

Frame: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Frame ID: 2B82A98E4A81FC4D9118D9D8BD1387B8
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq1u8EbSIo3l9SbbqR6-MNvq_rD_-LzErT6jHqXaGb-BAK5KDZeAPBRz3-Ake805FzceYC0gDOiX3N6Bs8ckwpiYpznkOa94WreUgzw-EOafUfTvaMVe77jxPoL8aQ2hMwBcQwYplZycV95p02Pp73zJwzYy8mFKDygmSdAVyIsU2iaC-x4n0U3m5O5WdbPbMpxcMM-80gAmsUmEHLfBzJ1dK4CjbNCfn41uFvauSIoGhxRiRW0hNavCVdKpxBnPDXb-untKjs7g&sai=AMfl-YTelRld9_2kId0WH3FkL3DzRnqX7FDMA4IECm6QUHY79VjbFqtQXj_4-iNNM2aCUQj66CoFV_DwXDewa2UCMNW7GcT2Wu88fPtN9V01wexMm6zXHVkpMMhbGkb6kTg&sig=Cg0ArKJSzHApD3P6ojv_EAE&adurl=
Frame ID: 2170D5015A9DC4317A1B498A78357942
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRf48gtty3KssE7uLRo4aEGwR2BOwvV8ak8n2Y9UYqyFahHvKPPXhHmRVaHpKN4Gnev3F4RNsfYgzSjEVip4qXEsKz2V4QdU3dzVQNsjTHuDU8sMIwmaQDl5CeWiSRicDwUWb6WNWu_rVkrKHEBo5w7p7kXeftFpyyJLW57Gzdl2J2rYcdoNYT0qijyHP7oJlqzo6ow9Na2ELvx4j-PQNu58I8axOLuhsSbTjyQAuY4lUMeT6Ec_pg4H6nBlnbSfLxUzema-ytPw&sai=AMfl-YQ9cjg7QwVSUplEFAv2vlDrZgJDO0R_Hwk_XTFhTXqmnhWJaIfUhkbTFp-vfnssBCK8UpQVgFDjsKUtCNfOO9r5oXkOEDVuMJAA6Ni63QGd-Wzt_tcP6reUej9W9bk&sig=Cg0ArKJSzDzbepLSF4aXEAE&adurl=
Frame ID: 4D2073E5028F140DF427EF143F647055
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZk-2zbiz_uhSErjJgpWaADKsWehoPX21we7V6SjaiK_Mc4kKpOlH3htExfJEoUhhtbg-Cz8CgzGm4mdScwwwu_S9GWZx6wmykcwHjckqDhoPzZRQ52wIckYHeIE_qlObRkJAB7BOc4ty4qyERyvpHveBf8xk2vNmJjpH9nFc8fCIIGnZbItlhMqOJAsb2oJVwyK90jvEuabSS6lld8joabNp5LKftrZy3oKGfzYDdBoyVQ2TTlkfUOxblO5KatDu9N3CL-UnsIQ&sai=AMfl-YQzqS2aQW8aeAixWw_NRwRBpeuVe_nnOVAlnwGPyYS6HktUqTnVFpxb_SEg4IjypqPhbkM45mNwb4QGADogESxMlE3IKVX_pOOGd8LXP9EeeK9gjbJjnLu2nQu-F0A&sig=Cg0ArKJSzCNCGkAK79WREAE&adurl=
Frame ID: 0B477824C2235B5A35805AEC1B06ABFC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf_8oahToo_5HK2tLGDEQPhP_8Bkgk-bwNK6AVn2emT6mjQx01wnZUNutit6JrGC-JTKi1p1sFCRSKY4eUkuttf5ZpCUeS9T5mMaByJFs5HJzt4TQaslQQu0YryNicjmx_nX99C48-iZ3JLj-17X80bIoimm27T4m_a6FFytTavAecu8H5IxGw1JrlLyyc2iT1x7Rtwfm6LCcHS8_QPchcM3H26Gd8B6sDs1WEpIxFgu8IB60HY9cks5NbdmkKPguicl-Tab0kSvH7C9c&sai=AMfl-YTu4OSHXaNZ7wuXckJK-5esCQdkZNsNf1cGr9GLalo94_Wsip-w6GZBCFV1BMmqK8TxBtQnNQ993jPxVQAo1cXbV2PcTkgiBnZag8TpxZYCF_m3v1O_mg5FQgq4vFk&sig=Cg0ArKJSzE-LJDrriuegEAE&urlfix=1&adurl=
Frame ID: 8F3D40759B4906C3CA06EBACBEB4ACA4
Requests: 4 HTTP requests in this frame

Frame: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Frame ID: 5663B5C69D82A040A3F038932E9C45E1
Requests: 18 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itworldcanada&t_i=439150%20https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2F%2F439150&t_u=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&t_e=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&t_d=%0A%0ARansomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%09&t_t=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&s_o=default
Frame ID: 1D009BDCA06B2F20641948425EE983A0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.itworldcanada.com
Frame ID: 75A39386BDD17E5D1B0ADEC8E783B687
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2
Frame ID: C77412B64E04162076E6EF6344CAE5CD
Requests: 48 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B84DBBCF761F1B0754D34115017BF637
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1BF67CA536249D955322B4E6E7AD2490
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

193
Requests

100 %
HTTPS

65 %
IPv6

18
Domains

34
Subdomains

30
IPs

6
Countries

6475 kB
Transfer

8688 kB
Size

8
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/user?screen_name=itworldca
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ITWorldCa
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/itworldcanada/
Title:

Search URL Search Domain Scan URL

URL: http://epubs.itworldcanada.com/
Title: Digital Magazines

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/cmo-digital#cmo-talks-podcast
Title: CMO Talks

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/contact-us.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.technicity.ca/
Title: Technicity GTA

Search URL Search Domain Scan URL

URL: http://my.itworldcanada.com/index.php/user/register
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=HowardITWC
Title: @HowardITWC

Search URL Search Domain Scan URL

URL: https://www.nfn.ca/
Title: Nipissing First Nation

Search URL Search Domain Scan URL

URL: https://globalnews.ca/news/7499986/translink-suspicious-network-activity-update/
Title: According to Global News

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&text=Ransomware+update%3A+Documents+from+Calgary+energy+firm+released
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&t=Ransomware+update%3A+Documents+from+Calgary+energy+firm+released
Title:

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&source=https://www.itworldcanada.com/
Title:

Search URL Search Domain Scan URL

URL: http://ca.linkedin.com/pub/howard-solomon/22/5a0/aa4
Title: Join Howard Solomon on LinkedIn

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/112118513090353224053/+ItworldcanadaITWC/posts
Title:

Search URL Search Domain Scan URL

URL: http://digital.itwc.ca/f/canadiancio
Title: CanadianCIO

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/cmo-digital
Title: CMO Digital

Search URL Search Domain Scan URL

URL: http://digital.itwc.ca/f/computer-dealer-news
Title: CDN Magazine

Search URL Search Domain Scan URL

URL: https://lightningpr.ca/
Title: LightningPR

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/
Title: ITWC.ca

Search URL Search Domain Scan URL

URL: http://www.channeldailynews.com/
Title: Channel Daily News.com

Search URL Search Domain Scan URL

URL: http://www.itbusiness.ca/
Title: IT Business.ca

Search URL Search Domain Scan URL

URL: http://www.directioninformatique.com/
Title: Direction Informatique.com

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/70629310/cookie-policy?an=no&s_ck=false&newmarkup=yes
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=478392278&utmhn=www.itworldcanada.com&utme=8(unknown*Author*Pub%20Date*Tags*Categories)9(unknown*Howard%20Solomon*12%2F04%2F2020*%22ransomware%22%2C%22security-strategies%22%2C*%22privacy-and-security%22%2C)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%20%7C%20IT%20World%20Canada%20News&utmhid=1989398587&utmr=-&utmp=%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&utmht=1607352275615&utmac=UA-2214941-1&utmcc=__utma%3D120853079.1151761211.1607352276.1607352276.1607352276.1%3B%2B__utmz%3D120853079.1607352276.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=980108535&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278&slf_rd=1&random=2053948435

Request Chain 198

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

193 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 439150 Show response
www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/ 83 KB
23 KB 810ms
390ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 825265fa91dfa03501bbe1761374e4245422501da624e3896f411b8e27171bd8

Request headers

Host: www.itworldcanada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:32 GMT
Server: Apache
Link: <https://www.itworldcanada.com/wp-json/>; rel="https://api.w.org/", <https://www.itworldcanada.com/wp-json/wp/v2/posts/439150>; rel="alternate"; type="application/json", <https://www.itworldcanada.com/?p=439150>; rel=shortlink
Set-Cookie: ukw=a%3A1%3A%7Bi%3A0%3Bi%3A1607352272%3B%7D; expires=Thu, 05-Dec-2030 14:44:32 GMT; Max-Age=315360000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 07 Dec 2020 15:44:32 GMT
Content-Length: 22387
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 347 B
463 B 82ms
26ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx/1.15.8 /
Resource Hash: 4f3e36248ba28189d00f60c7784ae5922d2d2fe31249ee5af56155e3c66685cb

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:34 GMT
content-encoding: br
last-modified: Thu, 03 Dec 2020 21:03:39 GMT
server: nginx/1.15.8
etag: "5fc952ab-c4"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 196
expires: Mon, 07 Dec 2020 17:44:34 GMT

GET
H/1.1 200
OK style.min.css
www.itworldcanada.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 186ms
107ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 22:27:01 GMT
Server: Apache
ETag: "d293-5af9dffdf3914-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7907
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK dashicons.min.css
www.itworldcanada.com/wp-includes/css/ 58 KB
35 KB 295ms
107ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dashicons.min.css?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 21:13:21 GMT
Server: Apache
ETag: "e681-5ad55970d811c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35722
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK wp-ulike.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/ 16 KB
4 KB 309ms
106ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.4.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: a1c8898d33bf3f16912ed47c3129983b26d904bf43b2216072fdc549376057d7

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:18 GMT
Server: Apache
ETag: "411f-5b25cfad5900e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3207
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK wp-ulike-pro.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/ 74 KB
9 KB 313ms
108ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 97bc6d7d2e33122be7ffaaa19ec6d7a142c5f0e6a3ac7b861910757148498288

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:22 GMT
Server: Apache
ETag: "12784-5b25cfb1465fe-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9117
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK css-boot-min.css
www.itworldcanada.com/wp-content/themes/the-bootstrap/css/ 214 KB
36 KB 322ms
116ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 9d5c9598ba0e6185bb4dea9dadbe8fccd9c524bd992679e90bf993fe74560210

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Sep 2017 17:14:38 GMT
Server: Apache
ETag: "357f3-559012d92fb80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36492
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK style.css
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/ 41 KB
9 KB 359ms
115ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: c378ee06bbd464704602a25e250f382feda809683cd5c43963b1e6abf30caecb

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 19:27:47 GMT
Server: Apache
ETag: "a37f-57136f0e6ec75-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8813
Expires: Tue, 07 Dec 2021 14:44:32 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.itworldcanada.com/wp-includes/js/ 14 KB
5 KB 105ms
104ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 21:13:21 GMT
Server: Apache
ETag: "37a6-5ad5597108e5c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4671
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK twitter-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 320 B
685 B 163ms
103ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/twitter-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 7f5048402ac1b8b949d2069ced9d69ebe5813abed5a544d1b487c8ba47273185

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Sat, 20 Apr 2019 17:49:24 GMT
Server: Apache
ETag: "140-586f9db20a63f"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 320
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK facebook-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 224 B
588 B 161ms
103ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/facebook-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 362eee23121468c42d8586373ce7d2f283984d019575d0e46c8af9aea64d8aec

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Sat, 20 Apr 2019 17:48:59 GMT
Server: Apache
ETag: "e0-586f9d9a2dbf7"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 224
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK linkedin-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 346 B
711 B 222ms
162ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/linkedin-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: d410a1e115fd1b1c3adc9db99cbee7a9bb0400af95a190e0e37f18615a244e41

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Sat, 20 Apr 2019 17:49:15 GMT
Server: Apache
ETag: "15a-586f9da93cf8f"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 346
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 10ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/4185)
Age: 862
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H/1.1 200
OK blockadblock.js Show response
www.itworldcanada.com/block/ 7 KB
2 KB 106ms
106ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/block/blockadblock.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5ec358949de628946007f95c47064a064b07271b39e4d26a6b0c27a17b3a0faa

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2016 22:23:13 GMT
Server: Apache
ETag: "1c13-52c9fa0d09640-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1961
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK 166.thumbnail.jpg
www.itworldcanada.com/wp-content/uploads/userphoto/ 4 KB
4 KB 156ms
106ms Image
image/jpeg 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/uploads/userphoto/166.thumbnail.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f10aeefb066161f38dadd2ed1267852072f9fc1c7a50971b8bf25d4bf8851d84

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Fri, 22 Jan 2016 15:25:46 GMT
Server: Apache
ETag: "fa1-529edd54af280"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4001
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK cccs.png
www.itworldcanada.com/client/ 98 KB
99 KB 106ms
106ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/client/cccs.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 52147fe45e34218aea3b90fc7c43c622ac32d1fc798016f4e2a371c6a36ccd59

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Fri, 28 Jun 2019 19:08:33 GMT
Server: Apache
ETag: "18904-58c670139304c"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 100612
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 social-twitter.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 74ms
13ms Image
image/png 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-twitter.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68ad5c98ff4e533be77307b324e6665b79f6d284975447165572ea1df524a29c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 20:35:44 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 65331
etag: "de128dbea01040e7ab9dab8b02d58a2d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1621
x-amz-cf-id: ONEqivmsOXgyN3ZL8xI2TgHzotCtLHjHEH-IhTmhoSuGeHEoP8H5EQ==

GET
H2 200 social-facebook.png
i.itworldcanada.com/uploads/ 1 KB
2 KB 66ms
15ms Image
image/png 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-facebook.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf4512e8a7ee4d972499eb80f3f2e02beef0d56236f6cbe339befb5d1671e3b1

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 19:01:26 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 70990
etag: "c8286a899fba97e71421080b44ccb8fe"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1437
x-amz-cf-id: H4S0aMQyVXlGOuCWKXufp1qWWl4adRfh0QdpymSvKbOr573kyTiHeg==

GET
H2 200 social-linkedin.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 22ms
21ms Image
image/png 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-linkedin.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9622281558f1979c053d598121153f63ca28439d6532e5a9241be4c3e1e8409

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 19:01:25 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 70990
etag: "a65742486a850f1342b903eb93b923fe"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1672
x-amz-cf-id: IoEuvWSngVTS55RJBc06z4ZIydav6eTGJx9ppxvb22F-XWp_-fyWTg==

GET
H2 200 social-google.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 22ms
22ms Image
image/png 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-google.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 709399bef8af81cbb6b283d0ac709a1cfe3579938cff3ca9f782da29f3a2f927

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 08:50:11 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 21265
etag: "caa9961deecbd083f26ad37267350fb7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1656
x-amz-cf-id: TO2p7ZwP-aW9alIKzPbYBh9aH62s5hwODwHLCSweBQ53oYeGCik6ew==

GET
H/1.1 200
OK swipebox.min.css
www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/ 4 KB
2 KB 106ms
106ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.4.4
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:13:24 GMT
Server: Apache
ETag: "10d4-5a64319847b74-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1221
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK comment_count.js Show response
www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
872 B 105ms
105ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Apr 2019 13:57:55 GMT
Server: Apache
ETag: "379-5862d74d28e47-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 440
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK comment_embed.js Show response
www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
937 B 113ms
112ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Apr 2019 13:57:55 GMT
Server: Apache
ETag: "47e-5862d74d28e47-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 505
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK jquery.js Show response
www.itworldcanada.com/wp-includes/js/jquery/ 95 KB
33 KB 116ms
111ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 23:50:39 GMT
Server: Apache
ETag: "17a69-58982a1f21bb4-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33776
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK jquery-migrate-1.4.1-wp.js Show response
www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/ 24 KB
8 KB 110ms
105ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f1d749ec752d0bf5719ee501fd4c0fda01b71ed35ffc72dc72e1b07d87209544

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:02 GMT
Server: Apache
ETag: "5f74-5b25cf9df9f1e-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7943
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK wp-ulike.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/js/ 8 KB
3 KB 109ms
104ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.4.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f9ddba7253d1097099639398e08133ef6c647bef45df95bc6952274f6c64d15c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:18 GMT
Server: Apache
ETag: "20ff-5b25cfad5caa6-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2141
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK wp-ulike-pro.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/ 6 KB
2 KB 113ms
108ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/wp-ulike-pro.min.js?ver=1.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 625d35a1428612400e5733f4bcffd02e6342038986110cd475c5b7b638643407

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:22 GMT
Server: Apache
ETag: "19f1-5b25cfb14cb8e-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2079
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
s3-us-west-2.amazonaws.com/itworldcanada/js/ 26 KB
27 KB 683ms
176ms Script
application/x-javascript 52.218.220.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/itworldcanada/js/bootstrap.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.220.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f8d1c73670970f54f0c7c9f2993ee14a3ef0e1319c91e5d38ea2e91fce572a9

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Last-Modified: Tue, 21 Apr 2015 16:14:11 GMT
Server: AmazonS3
x-amz-request-id: C8356652D4804018
ETag: "9e3fd459eb511a77c00372f43028ce08"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 26912
x-amz-id-2: o5+gbXHJVFkJsgtSkj/eIdJjOiL+8Z6Hos7bjmClyi6WCddZQ48d9+ZLy0Gp5xaohRD0Vv6enwY=

GET
H/1.1 200
OK the-bootstrap.min.js Show response
s3-us-west-2.amazonaws.com/itworldcanada/js/ 499 B
902 B 702ms
185ms Script
application/x-javascript 52.218.220.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/itworldcanada/js/the-bootstrap.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.220.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5778b44cba918dfc38ab166b4d6befc29eeeb368e9d7cc1c80179e4919831b79

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Last-Modified: Tue, 21 Apr 2015 16:14:19 GMT
Server: AmazonS3
x-amz-request-id: B1FAE17F9DC0F478
ETag: "e82ba71d4e06fd6f4ba763034589cf25"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 499
x-amz-id-2: 9r5KJxdy+xx+eRvOT/Mr/E8DsdhXiOsQ9MA2g0RNOTMZ/nKJCEBd8N3ApN8xRApzyPuPkBU5kUQ=

GET
H/1.1 200
OK wp-embed.min.js Show response
www.itworldcanada.com/wp-includes/js/ 1 KB
1 KB 105ms
104ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 22:10:21 GMT
Server: Apache
ETag: "59a-5a410a19e194a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 769
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK jquery.swipebox.min.js Show response
www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/ 13 KB
4 KB 104ms
104ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.4.4
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:13:24 GMT
Server: Apache
ETag: "329f-5a64319848344-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3957
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320045
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 21:50:30 GMT

GET
H2 200 core-7477c61df49044b49eabbd94edfbd933.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/ 610 KB
102 KB 34ms
32ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx/1.15.8 /
Resource Hash: df127da678d7ebec429bdf5bb1dd0f2f9ea307b5d7cc9a20e8829f0cfe1e7f9c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
last-modified: Thu, 03 Dec 2020 20:57:32 GMT
server: nginx/1.15.8
etag: "5fc9513c-195c9"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 103881
expires: Tue, 07 Dec 2021 14:44:35 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
18 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd10a9ca90a2611a9a5fa86edbd92808fb72bdfbcff366f367ecf84992696191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "716 / 87 of 1000 / last-modified: 1607343165"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18600
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H2 200 pubads_impl_2020120101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 91ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 09:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101724
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3020
date: Mon, 07 Dec 2020 13:54:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 07 Dec 2020 15:54:15 GMT

GET
H/1.1 200
OK it-world-logo.png.webp
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 6 KB
7 KB 164ms
105ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/it-world-logo.png.webp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: bc5411929c57859f711fad44490fd37f77674b35daddc719f6cd938a34b93f4b

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:48 GMT
Server: Apache
ETag: "19c4-5871df20f9c6f"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6596
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK glyphicons-halflings.png
www.itworldcanada.com/wp-content/themes/the-bootstrap/img/ 9 KB
10 KB 143ms
106ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/img/glyphicons-halflings.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2bafb4e0acfda84da9c417009cca7bba8a132f69cb73911d0a3f95b50a41e7f6

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Mon, 22 Apr 2019 12:55:22 GMT
Server: Apache
ETag: "24b4-5871dfb38bbff"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9396
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 17ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 133 KB
21 KB 167ms
135ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2630921809279433&correlator=567182715716051&output=ldjh&impl=fifs&eid=21068031&vrg=2020120101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201207&iu_parts=3034%2Cidg.ca.itwcepp&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C900x150%2C160x600%7C300x600%2C300x600%2C300x250%2C300x250%2C900x300%7C970x250%7C900x150%2C1x1&ists=1&prev_scp=pos%3Dleaderboardros%7Cpos%3Dskyscraperros%7Cpos%3Dsupersky%7Cpos%3Dbigboxros%7Cpos%3Dbigbox2ros%7Cpos%3Dfooter%7Cpos%3Dinter&cust_params=wpid%3D439150%26ptype%3Darticle%26c%3Dprivacy-and-security%26t%3Dransomware%252Csecurity-strategies&cookie_enabled=1&bc=31&abxe=1&lmt=1607352275&dt=1607352275423&dlt=1607352274685&idt=626&frm=20&biw=1600&bih=1200&oid=3&adxs=320%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=195%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4251014571%2C2764879362%2C1210744711%2C1640639909%2C823673414%2C3202507738%2C310270821&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&vis=1&dmc=8&scr_x=0&scr_y=0&psz=960x95%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=960x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=706323247.1607352275&ga_sid=1607352275&ga_hid=1989398587&fws=0%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

65451a3d1f6a9ae5695b06d12f438a0d9280da72286240e70ab1f9ef3c77a455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20855
x-xss-protection: 0
google-lineitem-id: 5245125268,5513029149,5515568359,4476637632,5245522535,5530182941,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138297470399,138322247380,138327411392,138215746257,138297470729,138329447820,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 100ms
39ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK checkmark-like.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
823 B 136ms
134ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-like.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c

Request headers

Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Server: Apache
ETag: "48d-5b25cfb148d0e-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 448
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK checkmark-dislike.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
885 B 106ms
105ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-dislike.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439

Request headers

Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Server: Apache
ETag: "56c-5b25cfb1490f6-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 510
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 GettyImages-658560898-1-620x250.jpg
i.itworldcanada.com/wp-content/uploads/2017/10/ 47 KB
47 KB 18ms
17ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2017/10/GettyImages-658560898-1-620x250.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 937171bf8e13eb6101e88c58e044f3318125aae60d388d8e3787717650c0387e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 23:57:05 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 01:22:18 GMT
server: AmazonS3
age: 226050
etag: "bd77d7bd5ac88c4b02ffc0cc12750584"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 48006
x-amz-cf-id: 6EG9FsRxgUFJtfRo95Z1tchM_3mz4ZJVUK8S0fgFbN8IGIWZdGBsKg==
expires: Fri, 22 May 2020 01:22:16 GMT

GET
H2 200 70629310.js Show response
www.iubenda.com/cookie-solution/confs/js/ 95 B
459 B 52ms
50ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iubenda.com/cookie-solution/confs/js/70629310.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 69f13734ed35abbf67d28cfe2429d046ff7a152d678bbef712892d022d41f4b0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
access-control-request-method: *
content-encoding: gzip
content-length: 93
last-modified: Mon, 09 Nov 2020 16:30:20 GMT
server: nginx
etag: "5fa96e9c-5f"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 08 Dec 2020 14:44:35 GMT

GET
H/1.1 200
OK glyphicons-halflings-white.png
www.itworldcanada.com/wp-content/themes/the-bootstrap/img/ 8 KB
8 KB 106ms
106ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/img/glyphicons-halflings-white.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2b4385df8034110da0ef5043307dce11777d5e8d86dfb92d56d207f94988bc57

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Mon, 22 Apr 2019 12:55:21 GMT
Server: Apache
ETag: "1ed2-5871dfb2f74ff"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7890
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK social-icons.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/universal/ 11 KB
11 KB 103ms
103ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/universal/social-icons.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 19716c9959a569a1b7abac4cf9feaf615c6458a70f9f7948a32355a52ca8c585

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:38 GMT
Server: Apache
ETag: "2aa4-5871df17a49df"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10916
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 CS_3000x1668-e1522241983325-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2018/03/ 10 KB
10 KB 16ms
14ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2018/03/CS_3000x1668-e1522241983325-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e2b459e13b4edcc9195d4170de930b7d9cb0395252b74b7d077cebe6e839bac

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 06:42:19 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 01:03:22 GMT
server: AmazonS3
age: 1238537
etag: "e3842db488f8cc09a454e36c98c24972"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 9980
x-amz-cf-id: wdQ4L8ARb1wgU7H4N_-OoLO5-t5ciDPXfe2AKY6oPR3SaX8EEUoQ4g==
expires: Fri, 22 May 2020 01:03:21 GMT

GET
H2 200 GettyImages-1183744751-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/10/ 10 KB
11 KB 17ms
16ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/10/GettyImages-1183744751-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44777ca59800589cd56c476fafe777c8715050535e9e5c7af8dce69a14d65cca

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:19:40 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Fri, 23 Oct 2020 11:57:41 GMT
server: AmazonS3
age: 152696
etag: "199259f269014062a5066c119ab8f496"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 10425
x-amz-cf-id: yk4Oy1nRuY0NISGFkh-VVWjUDEyFlTtoZg4IzERamKqrz1rDHyLptA==
expires: Sat, 23 Oct 2021 11:57:38 GMT

GET
H2 200 GettyImages-1034671072-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/12/ 8 KB
8 KB 18ms
16ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/12/GettyImages-1034671072-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53ebaf3b8f10214fb9fe6ecfda2e63cea96eeaa22de76819e748ebb803d1cece

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 17:13:00 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 16:55:20 GMT
server: AmazonS3
age: 336696
etag: "17e53107a5f6af8a2c9e089403deb0a4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 8055
x-amz-cf-id: jtyJgO2XFeEWnvsNR695YwwrvNcNVJ6zvK5McJg2JCIObWC5t4urjg==
expires: Fri, 03 Dec 2021 16:55:16 GMT

GET
H2 200 GettyImages-539475910-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2019/01/ 13 KB
13 KB 19ms
18ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2019/01/GettyImages-539475910-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40add3c2d9c5b4bb8c9d5b17d9c507344cb586e1ae825858345d20c4dc5fc4a2

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:08:35 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 00:24:36 GMT
server: AmazonS3
age: 509761
etag: "bda1afbd36bb4f04465c6c13c43de2e3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 12956
x-amz-cf-id: tBp085wVAFQF6mChE253nZBj39pgAHeiOrUGS5d4REqvoylhhxj-TA==
expires: Fri, 22 May 2020 00:24:34 GMT

GET
H/1.1 200
OK footer-logo-itworld.png.webp
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 5 KB
5 KB 103ms
103ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/footer-logo-itworld.png.webp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f09dff45392cb4466fbc2a7891720f65f495b7a5eb2745feef43607f42eb0dad

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:43 GMT
Server: Apache
ETag: "1396-5871df1c7c9b7"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5014
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=478392278&utmhn=www.itworldcanada.com&utme=8(unknown*Author*Pub%20Date*Tags*Categories)9(unknown*Howard%20Solomon*12%2F04%2F2020...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278&slf_rd=1&random=2053948435

42 B
107 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278&slf_rd=1&random=2053948435

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=1151761211.1607352276&jid=980108535&_v=5.7.2&z=478392278&slf_rd=1&random=2053948435
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GettyImages-1049736506-e1606787131474-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/11/ 11 KB
11 KB 16ms
15ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/11/GettyImages-1049736506-e1606787131474-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54361f98333885ce45e91df597a9d4488b808568e2e8621d7870e6c1b5ca0a9e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 02:04:04 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 01:45:35 GMT
server: AmazonS3
age: 564032
etag: "871cb531ec5d2c40813b8ea53341e449"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 11056
x-amz-cf-id: z1coeJOdEtaw-M1f5JbBxHU7ZDeglopuj4Bpj_5e0jur0h9ZFgkFng==
expires: Wed, 01 Dec 2021 01:45:32 GMT

GET
H2 200 FEATURE-Gavel-court-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2014/08/ 7 KB
7 KB 18ms
17ms Image
image/jpeg 2600:9000:2104:c400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2014/08/FEATURE-Gavel-court-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8df44b1e4f8ad283e77835a377d6dd6073a08e92297a69690a641968177f01b

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 09:23:19 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 02:25:16 GMT
server: AmazonS3
age: 451277
etag: "6ffe6c2f01909302085825fd88f48855"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 6832
x-amz-cf-id: DyzPlMZ7r3TJaNu4Ah66BZ9e6Fz84IwF3ZkGMHQkxqHetN32fFSelg==
expires: Fri, 22 May 2020 02:25:15 GMT

GET
H/1.1 200
OK count.js Show response
itworldcanada.disqus.com/ 1 KB
2 KB 67ms
21ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itworldcanada.disqus.com/count.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2134775
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 10 Nov 2020 20:21:10 GMT
Server: nginx
ETag: "5faaf636-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: EE5o3Mqou4wwu-WGJXyjKPgESqmhylWa5ujMwcwbFrRaqCqiwn1iXQ==

GET
H/1.1 200
OK embed.js Show response
itworldcanada.disqus.com/ 70 KB
23 KB 345ms
300ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itworldcanada.disqus.com/embed.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

19cad1ec4a79433a6fd44e1d9919a8bf3e3ab1ae98081e39b3ad8a049f613948

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:35 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23287

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E005 0
0 35ms
35ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJDlb0aNqOCYxvXaSBJ1l9BoUIInqiAiZeNgC9lkkw08IG7PNsiSAvnGpKNIWxtFtR1IQ5k7PI6sq2x3lGS1YwQc13ei1rpV2MccIIx3s7KGZLBSQk_ePinyHW8lRRRfOsExfy8daht96gFv5pc4-aeGwfE5bhSomIcTyYJQY9ryIqOENpyDT-tPvnMztRlPyurm3kaC17sUCcq1xTa3FC0Rsett6ED21zkVxaLMxMwvzQIctzr8BtBDvKGNgupPT_6CcxyN0IRw&sai=AMfl-YRDG8m431DmSp8hsrUdFfXQRsW4Y6VfG0UQqGH0UalRIvk1GwV8S22dhaYzxUiwAPpjyGzZwB6PmqD4LKCQ60rJZi_LiPD3cRkk5OUd1og0wYbzU5BARVO7gC6c2kU&sig=Cg0ArKJSzGcBOa5AmF-MEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/ Frame E005 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd5620e6f30c9ca43274e1e0a5f9424f97f0dd821a582b22e995586483815392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 23:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
server: cafe
etag: 4206736668346422230
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Dec 2020 23:14:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame E005 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E005 76 KB
29 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 200 10981063740043562181
tpc.googlesyndication.com/simgad/ Frame E005 59 KB
59 KB 37ms
21ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10981063740043562181

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9728d0830cc0fa28abeaae1af3c39b3fb8eee8caee07bc32ddf26e75fab07bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 08:34:03 GMT
x-content-type-options: nosniff
age: 540632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60222
x-xss-protection: 0
last-modified: Tue, 10 Dec 2019 20:47:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Dec 2021 08:34:03 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 194E 0
0 38ms
38ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0XNNAbfdA9jQJQa9NXt8jG5aj4RlU-qw_ZI6Ro9PyxYg9dx-TUgVKmvnas1p3HmIa2nW1s2Ngac2VaWaKYOt4buN6nS4gXqxaKvC7-RoY_BoUWIkZWeinCjskTjoMEDbXObQCUbIP5Oez-JdJuBnhrJHE5x-IxEtmZJFG_qZxmMBulV8nIMGw76ClqSbEbyvFXGMtckXDtkIhmqzaZK1hzzjtNU0MDXBuvAQjzrwbe7RSPHzCGf9zLbBwQoHWiT1uTRQjYOhR-3CA18w&sai=AMfl-YQfOFGVDbbOkbJYefgZHa6ZrvygBRyZHwuTyHllUB42ZBqZVFCCz5pc8tIOuxdahkC9vU273i5ZjRZj2QDFUgNR5UHk2wkzuu9yWDesOWHLAf9kshxNu_eF8B7eCRQ&sig=Cg0ArKJSzM_ZDxRxtqhsEAE&urlfix=1&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H/1.1 200
OK nano.php Show response
www.itworldcanada.com/creative/20099%20IBM/ Frame 2B82 7 KB
2 KB 150ms
105ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 7b2dd206926e0e699f7f7734f1c7296433bac2a3d57e9d768abaff6c7c3343b5

Request headers

Host: www.itworldcanada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ukw=a%3A1%3A%7Bi%3A0%3Bi%3A1607352272%3B%7D; __utma=120853079.1151761211.1607352276.1607352276.1607352276.1; __utmc=120853079; __utmz=120853079.1607352276.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=120853079.1.10.1607352276; __gads=ID=4de7c855c676ef93-229903c657b900fe:T=1607352275:S=ALNI_Mbq_MblTI7NB3BvObZhzxPnY3NQxw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Date: Mon, 07 Dec 2020 14:44:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 07 Dec 2020 15:44:33 GMT
Content-Length: 2142
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 194E 76 KB
29 KB 42ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2170 0
0 37ms
36ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq1u8EbSIo3l9SbbqR6-MNvq_rD_-LzErT6jHqXaGb-BAK5KDZeAPBRz3-Ake805FzceYC0gDOiX3N6Bs8ckwpiYpznkOa94WreUgzw-EOafUfTvaMVe77jxPoL8aQ2hMwBcQwYplZycV95p02Pp73zJwzYy8mFKDygmSdAVyIsU2iaC-x4n0U3m5O5WdbPbMpxcMM-80gAmsUmEHLfBzJ1dK4CjbNCfn41uFvauSIoGhxRiRW0hNavCVdKpxBnPDXb-untKjs7g&sai=AMfl-YTelRld9_2kId0WH3FkL3DzRnqX7FDMA4IECm6QUHY79VjbFqtQXj_4-iNNM2aCUQj66CoFV_DwXDewa2UCMNW7GcT2Wu88fPtN9V01wexMm6zXHVkpMMhbGkb6kTg&sig=Cg0ArKJSzHApD3P6ojv_EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/ Frame 2170 18 KB
8 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd5620e6f30c9ca43274e1e0a5f9424f97f0dd821a582b22e995586483815392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 23:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
server: cafe
etag: 4206736668346422230
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Dec 2020 23:14:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 2170 3 KB
2 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2170 76 KB
29 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2170 0
0 24ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqE7n1yzUD0PgTd7FaAPKT1IVMafv-2-79FCYldGS2BfowXMGgg-i_NlwDhPHmg1OrVnnl
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4891711456426938153
tpc.googlesyndication.com/simgad/ Frame 2170 197 KB
197 KB 74ms
64ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4891711456426938153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b851fe77a41bea3f7075bcae337eb9b7fba6fc03218ccfe58a77ca04afb3e413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Oct 2020 20:05:43 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201730
x-xss-protection: 0
expires: Tue, 07 Dec 2021 14:44:35 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D20 0
0 41ms
36ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRf48gtty3KssE7uLRo4aEGwR2BOwvV8ak8n2Y9UYqyFahHvKPPXhHmRVaHpKN4Gnev3F4RNsfYgzSjEVip4qXEsKz2V4QdU3dzVQNsjTHuDU8sMIwmaQDl5CeWiSRicDwUWb6WNWu_rVkrKHEBo5w7p7kXeftFpyyJLW57Gzdl2J2rYcdoNYT0qijyHP7oJlqzo6ow9Na2ELvx4j-PQNu58I8axOLuhsSbTjyQAuY4lUMeT6Ec_pg4H6nBlnbSfLxUzema-ytPw&sai=AMfl-YQ9cjg7QwVSUplEFAv2vlDrZgJDO0R_Hwk_XTFhTXqmnhWJaIfUhkbTFp-vfnssBCK8UpQVgFDjsKUtCNfOO9r5oXkOEDVuMJAA6Ni63QGd-Wzt_tcP6reUej9W9bk&sig=Cg0ArKJSzDzbepLSF4aXEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/ Frame 4D20 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd5620e6f30c9ca43274e1e0a5f9424f97f0dd821a582b22e995586483815392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 23:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
server: cafe
etag: 4206736668346422230
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Dec 2020 23:14:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 4D20 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D20 76 KB
29 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 200 17459772440423434161
tpc.googlesyndication.com/simgad/ Frame 4D20 45 KB
45 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17459772440423434161

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4718c4cca275eac50770a046d3f1cc09c426f758687bf0aa5a54c21e46d098e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 19:45:22 GMT
x-content-type-options: nosniff
age: 500353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45735
x-xss-protection: 0
last-modified: Wed, 01 Nov 2017 20:33:17 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Dec 2021 19:45:22 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B47 0
0 35ms
35ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZk-2zbiz_uhSErjJgpWaADKsWehoPX21we7V6SjaiK_Mc4kKpOlH3htExfJEoUhhtbg-Cz8CgzGm4mdScwwwu_S9GWZx6wmykcwHjckqDhoPzZRQ52wIckYHeIE_qlObRkJAB7BOc4ty4qyERyvpHveBf8xk2vNmJjpH9nFc8fCIIGnZbItlhMqOJAsb2oJVwyK90jvEuabSS6lld8joabNp5LKftrZy3oKGfzYDdBoyVQ2TTlkfUOxblO5KatDu9N3CL-UnsIQ&sai=AMfl-YQzqS2aQW8aeAixWw_NRwRBpeuVe_nnOVAlnwGPyYS6HktUqTnVFpxb_SEg4IjypqPhbkM45mNwb4QGADogESxMlE3IKVX_pOOGd8LXP9EeeK9gjbJjnLu2nQu-F0A&sig=Cg0ArKJSzCNCGkAK79WREAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/ Frame 0B47 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd5620e6f30c9ca43274e1e0a5f9424f97f0dd821a582b22e995586483815392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 23:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
server: cafe
etag: 4206736668346422230
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Dec 2020 23:14:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 0B47 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B47 76 KB
29 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 0B47 0
0 27ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0MhX5BXjpLVSsWRQIlObnniLywdWuknAcNvPVfsK0xTDLDOtHPzFuM01krEFlagDEHDFD
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4617766650203790942
tpc.googlesyndication.com/simgad/ Frame 0B47 53 KB
53 KB 22ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4617766650203790942

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

818cb2544d8517efd8aeb84c37930c5836ac9f5ad1fc1b784cb0ca3f9757b0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 08:33:49 GMT
x-content-type-options: nosniff
age: 540646
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54307
x-xss-protection: 0
last-modified: Tue, 10 Dec 2019 20:49:40 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Dec 2021 08:33:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F3D 0
0 43ms
36ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf_8oahToo_5HK2tLGDEQPhP_8Bkgk-bwNK6AVn2emT6mjQx01wnZUNutit6JrGC-JTKi1p1sFCRSKY4eUkuttf5ZpCUeS9T5mMaByJFs5HJzt4TQaslQQu0YryNicjmx_nX99C48-iZ3JLj-17X80bIoimm27T4m_a6FFytTavAecu8H5IxGw1JrlLyyc2iT1x7Rtwfm6LCcHS8_QPchcM3H26Gd8B6sDs1WEpIxFgu8IB60HY9cks5NbdmkKPguicl-Tab0kSvH7C9c&sai=AMfl-YTu4OSHXaNZ7wuXckJK-5esCQdkZNsNf1cGr9GLalo94_Wsip-w6GZBCFV1BMmqK8TxBtQnNQ993jPxVQAo1cXbV2PcTkgiBnZag8TpxZYCF_m3v1O_mg5FQgq4vFk&sig=Cg0ArKJSzE-LJDrriuegEAE&urlfix=1&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK carousel.php Show response
www.itworldcanada.com/creative/21083%20Zscaler/ Frame 5663 6 KB
2 KB 119ms
106ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: ffa8d91a0b669b8a76d588dda5d3f3bba0c2eaeea7c555991d40e6de68b339d5

Request headers

Host: www.itworldcanada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ukw=a%3A1%3A%7Bi%3A0%3Bi%3A1607352272%3B%7D; __utma=120853079.1151761211.1607352276.1607352276.1607352276.1; __utmc=120853079; __utmz=120853079.1607352276.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=120853079.1.10.1607352276; __gads=ID=4de7c855c676ef93-229903c657b900fe:T=1607352275:S=ALNI_Mbq_MblTI7NB3BvObZhzxPnY3NQxw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Date: Mon, 07 Dec 2020 14:44:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 07 Dec 2020 15:44:33 GMT
Content-Length: 2119
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F3D 76 KB
29 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:35 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E005 0
22 B 35ms
35ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoJi3IsYUF1X7Gwe4DXID69hrbJ0RC4eqcsDPB9gtl446AxyS41TnkTzih6WJLIgNUnX3Z9RF04sQmucZxS_H7aBoQgnsUft1gPrKwMoYdCXGaHKOal7AQFeyBSR2Oh2Iqwn_oVrng2agqo2X68IWgf9fcO8Qt6ECjx2iW90ia9ZkbIGhEWyhiXY-YIpOubl9Q2RA-IxQ-bPz4ww-KAss8g5988EiDQzg4GA2KpxrjsB0V7Q1oZ1HQwjcIyQbOn3jrh5geVCkrwE4T&sai=AMfl-YRh1Sl8CvE2snuVnasA1driw1lYElYrQuiseJNKJiuPKdHee_03REamUPVbWkOfoCxmSP_e926HtqhhTeFH9Ua2NxzWlfdIouJaiqHl9HJo6r8pgdYg_eilUGc5i7Y&sig=Cg0ArKJSzNn4YaJGGI88EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E005 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e809100ad8df0fb3ddee7f096396c3cac769b9b2a69d2ccb838b09bee60a61fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 194E 0
22 B 35ms
34ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrKyXDbd_jH5Igb-agVAPmzqyzei01gcX5-MGWir3AAZN_D-lZBicjgneismSmbCTbTGZjcszEGl2g4p5oMLr_lw-0ZPw1py9SqSGHPIh2QrXPVj6gJqVi-i2YXxn6-Yt_4mPDVV2yB8gPbw2gNd9Vn0sdDl4mhlUa7zk8qTUsBdWzXGl_4mPXdInqyGYPtYPsqAavpUnGrfE-M89Lo1h2NUiDlyquDdcoj8G54bc7o_hYWnzVjNmun9dRciR59ZkCNDC3p4DoD9ERc7Yww&sai=AMfl-YTpRpBXR0vIwYhy5INzedwF-6ogImRuGkAWKA19VHNCTxMSf_ch7DxQfEn82GZ1a-gc2RsDjQO85m68cntCfF8L_PQwZdgCqmlmxC6pDXnrXYrdmAni3yu3Hhbrmts&sig=Cg0ArKJSzLKilAUfKUTtEAE&urlfix=1&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 194E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 611ab37975baafae5ca1a8e81d08be0b2203ead89163348f275b9e356176e312

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2170 0
22 B 36ms
36ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdu1ShCsgc6emim3av9Gqn1D-eG65J3vpGLhUoLj7LAv1j0itNOgsZn7IJYuWtOs_YhRKolyH9A-fgRv7CrkU1MK5oSIz6lcu2-CEKgeD46Fu6b1BGxirO1Ms30MkbTn4Z4jaz2otWL9YYJvIY821h0yrJF8wTptxuvW0ZYHUAsGBR7dB4KhbgStsfYJmyk6hozpGk2ooG-DLL87WfnEtSAHfcCBplAsk0Ux7-k_6u3dB9Nm6N4ygJz5Gh90SI_UWc5Z8hGnDiCqBQ&sai=AMfl-YRxzbWjkQLlwR4vYUm1pKgVGxiPWTX-zeH4qqIw9aWK9tNGgc9abPVKYajdDZAuFNDklfPGCgJ0_qaw9ovhSaWCEAcxvNdhNI5id_ggsxKE4ydxMseP1RiUfGCPgNo&sig=Cg0ArKJSzOhd6TZ-lqZHEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2170 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d30ce8d086475902017b59f85a55aebf6e2261a52f9be66d5935792717c29b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B47 0
22 B 36ms
35ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyIc4fjZvhjetDzTbG6TaJ0JMJw6DmSuBnOkIV3TONWA9P4tE3S_iXPFdyFIpXWMVe7AML12Po7e82RFu65o-Y99p79ESYXiCxTqvTXZ-Wwzt5LmZqmukZLaL2KHLmePM6R4kqoNYx4RuflKBEhqMjfAE3eHYPyVi4hTd9HNftDvTuO_1h4agm8rVpsPovzkb5EItCNSMlN6D0OunfQTQfSlcKzLhWw7nEHpadv1mLP194SnkUaMKuxAZGGxzrPLh2dikIj_xCMhAx&sai=AMfl-YQYYTvr3kFeWrNNYzDRLZmBnLCuUXQP0BonLJ9T1s22Mjs8kCg4LpgkxtycVM2eajMZ1Tv5-ZmCIi8ax2fI_6ezZJwKh2zK06GeGBgF6Gu-9BM-SEjNBhCtPn_qN_I&sig=Cg0ArKJSzP6Ej3O3ZQ9LEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0B47 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 262c8173762faa1f18c1c4c0ee00790bf4931f82e4317d163ad626f3b04edc89

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D20 0
22 B 35ms
35ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8bioHEyuB-1oy7e84ANPNSeMFSVdHDV3to_3T6n4Z_XjmE3LGgycegdXxhuwkTnirFG-UREDVGuQIUFJvzDpPLFhYXpZbvvJ2ZK21nZW6ymkds3h19qAwQZuUVp-4MX3azlrjdIdwBbii55Fse8dCHgNkzXpJhjOQm-aQ1DYWNLh1veKNn64YwJBQcmTcxRXT5PpWtU9FQhjYp5dfepgMpkikfUS4w7gptKBwlAKt9CHHVVRVeGwtDPTmOMdgT7O31QdEd4dFIBnA&sai=AMfl-YSu-iddJKGxr_kJf3aMpAPEmdwZqsHpdh7LcHoiMiaNt9NNmJ5-yQ_8vXytPar2ScxQGX5okutX-sbBsm0b43sUrX3xRGSPRJrtw_fULYTKss8UGL9InBkWWjoieWo&sig=Cg0ArKJSzEcqDC_v7ESTEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4D20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96aff6c11d4c69361642400cc79a9afa8e73b929f50cca7f9908ddfc53d01197

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F3D 0
22 B 36ms
36ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv08yvGusmrPMzqu3xN6Y8kLPT7ewQCVa8p5c0VYfZcfSKkerJgHTHgVqcy_rBCTQ4EVmpM8ofWw84RyVqTMwdLiFVvG4f9hnkSNSBtnYe1_-91WnWuQiWOjMh4LIH9BhzTElpkj0ZuTzmOszeyi2boerr-gR1VRHq8jcu_TPAsCt10g7zL3BtoacfW5o2XuEiHqIx0qtYpuU59pSIZx52N4ACWYmNJEKf3r9siLBEzXk5rRaVz9JJdmXoeksl75wwq-RYWM1SclBl3rpDN-w&sai=AMfl-YQl5VOIs_WJpTvg5r8OnMgC53ahwPS1eFlpLTN0VG9PPxVS2xEalFIrxpJ61_IPh0_5006qLASvRBIE7QcXcMWKbLCBtU8CN_djUdI3L80OIiEKoLoX3IqKGNAH8S0&sig=Cg0ArKJSzO_QZIWjfuEnEAE&urlfix=1&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F3D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d41d625635c2d65d419c8fe8d27dbad4f3ac88bc554ea4f86143e8644fe468

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
404 B 58ms
56ms XHR
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://www.itworldcanada.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: b9ea3b11-389a-11eb-b0ed-0242ac110002
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: b9ea3b11-389a-11eb-b0ed-0242ac110002

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 65ms
19ms Other
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://www.itworldcanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 07 Dec 2020 14:44:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ Frame 2B82 2 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 396290
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 745
cf-request-id: 06df426bf700002ba19b855000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jxr4h%2BRFJqEjGSPXC%2Bw9Oua4jodU6NL%2Bnga8IQqFf0jd6L9ytBSc5g44L%2Fn%2Bl%2FyghIKhI2LCCQh7yxgOr029%2BLAI4%2FtMaouRJ3DW5V2gDGDTdn85OAEAdiYfLgufMeXhDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068cbab82ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H/1.1 200
OK slick.css
www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/ Frame 2B82 4 KB
2 KB 108ms
107ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: a1088626aba0f660beb249dd05b5c40758eddbb679fea13dc602344b28f7de9e

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2017 19:58:56 GMT
Server: Apache
ETag: "ffa-55a08fd180000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1146
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK style.css
www.itworldcanada.com/client/ToolStyle/Nanosite/ Frame 2B82 9 KB
3 KB 105ms
105ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/client/ToolStyle/Nanosite/style.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 200e849c74e63b2b9e49c61810aa1be286a0a0d027df991172cb140efc3e1cc0

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 18:25:37 GMT
Server: Apache
ETag: "2369-56a4bd084aa40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2367
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H/1.1 200
OK logo.jpg
messagent.itworldcanada.com/images/leadgen/ITW15-120/ Frame 2B82 22 KB
22 KB 507ms
194ms Image
image/jpeg 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/leadgen/ITW15-120/logo.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 99bd6f1b9200158ed6e116b066442807c53d07abfea61a5e56e7a9e0254ef2e0

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Mon, 31 Aug 2015 19:35:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0746c3524e4d01:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 22435

GET
H/1.1 200
OK ITW-20099d.PNG
messagent.itworldcanada.com/images/regpages2020/20099/ Frame 2B82 58 KB
59 KB 550ms
223ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/regpages2020/20099/ITW-20099d.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 88a88f1028b6e8eee714eae78840dd6b515b3e53de01ed59d002462810d9b557

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Fri, 02 Oct 2020 13:53:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e67b8b65c398d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 59750

GET
H/1.1 200
OK ITW-20099c.PNG
messagent.itworldcanada.com/images/regpages2020/20099/ Frame 2B82 24 KB
25 KB 552ms
223ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/regpages2020/20099/ITW-20099c.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc33beb8434216e9c0fc4bc75a45a732a62d4619f35b492d67279ad4192b46df

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Fri, 02 Oct 2020 13:53:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "39b7b263c398d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25002

GET
H/1.1 200
OK ITW-20099b.PNG
messagent.itworldcanada.com/images/regpages2020/20099/ Frame 2B82 1 MB
1 MB 552ms
224ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/regpages2020/20099/ITW-20099b.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 12f773c74b8afeb0327dabc1724b42724961b5f86b73e8b92747a1f5d68cafcb

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Fri, 02 Oct 2020 13:53:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80663e60c398d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1297129

GET
H/1.1 200
OK ITW-20099A.PNG
messagent.itworldcanada.com/images/regpages2020/20099/ Frame 2B82 50 KB
50 KB 553ms
225ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/regpages2020/20099/ITW-20099A.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 62369cc2c7eccdda6a06498ee6ea33d1a79600e2d0a0eb8eba5e2d3f48decde0

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Fri, 02 Oct 2020 13:53:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f6ade5dc398d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 50877

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ Frame 2B82 82 KB
26 KB 18ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 440309
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 26660
cf-request-id: 06df426c0000002ba19b857000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zPdT6qGHDME%2FI9Zn3ty47eCm3BZkKovpT8%2FaKBJW8CsKtEHJB6j%2B%2Ft52HbREvzUEFKCe8kHsRpLzCRXPUyuJZmrlQSB4D3fpBNakLPObRGsT%2FCFscigLB54kiLq7hJuldg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068ccad22ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/ Frame 2B82 7 KB
3 KB 23ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 299375
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2687
cf-request-id: 06df426c0000002ba1f5815000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1c20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jvPlve%2B3PIiCt89qF24OcvCKXOKl1EA9utK%2BW7OvgzvAB1kkjuRxBoNmn2NKj9MroM0fp51KvAnpIfyTojHOOcjVldB0w%2FaxfjEoMJwTesk2WpRbB3HIFNyzWM%2Fo7Hv5qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068ccae02ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.3.15/ Frame 2B82 31 KB
7 KB 23ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.3.15/slick.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f5e26e6801b6a835e3b22bddaa410b96768b33e226622e315d2b219b64c29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 440299
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6962
cf-request-id: 06df426c0100002ba1b6944000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-7d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=crmvkjsQ3a0yUPGQ9qxBboTrIyZDElEdNUGhAe6LP04jJFYRRnBNWzDBTVeIsurzgFbpTTg%2FUzsUfaVhbq%2FZR9cmgEQpoR0URm8NP4%2F96qCUFLZCjVW8sB2QQhNiFP2kHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068ccae42ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H3-Q050 200 ga.js Show response
ssl.google-analytics.com/ Frame 2B82 45 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3020
date: Mon, 07 Dec 2020 13:54:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 07 Dec 2020 15:54:15 GMT

GET
H/1.1 200
OK slick.css
www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/ Frame 2B82 0
2 KB 107ms
105ms Other
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/creative/20099%20IBM/nano.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2017 19:58:56 GMT
Server: Apache
ETag: "ffa-55a08fd180000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1146
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ Frame 5663 2 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 396290
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 745
cf-request-id: 06df426c0500002ba1c3340000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ep%2BELCXNaqlvYFnGk%2BatoDUf7%2B9gIxJpwaQgW29CA3D0knviQULBF9ThVxD3g4Twf%2FuG5rBI9irApNTf8BCcjq%2FvEh9tRESHg8Wk6kKdGL8f7XXcrUhLXUdgPGZUd6NMvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068ccae62ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.3.8/ Frame 5663 4 KB
1 KB 28ms
6ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6789f364ba25e1f7a0516fd10093ac81e60c3c37a7751398171cabba2685a94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 60256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1151
etag: W/"1022-O2lyt3OBaMGxWX01KyVjZcasF5s"
x-served-by: cache-fra19123-FRA
date: Mon, 07 Dec 2020 14:44:35 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK carousel_tool_generate.css
tools.itwc.ca/css/ Frame 5663 9 KB
9 KB 420ms
104ms Stylesheet
text/css 64.140.127.175
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.itwc.ca/css/carousel_tool_generate.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.175 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 20bf1c8cad038b62a5490e0396d1fe02240e5508566f768864144e167c0a1b55

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:19 GMT
Last-Modified: Tue, 05 Feb 2019 01:31:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "2242-5811b900305e1"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8770

GET
H/1.1 200
OK Zscaler.png
messagent.itworldcanada.com/images/logos/Zscalar/ Frame 5663 23 KB
24 KB 593ms
206ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/logos/Zscalar/Zscaler.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 814ef758a51b8c5735a202d29cbe551bf6fd9fe2320df1b07d9e70095bf06ed5

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Tue, 05 Nov 2019 12:44:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "aa6a77b8d693d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23963

GET
H/1.1 200
OK ITW-21083C.PNG
messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ Frame 5663 1022 KB
1022 KB 706ms
204ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ITW-21083C.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b1b3b386b7e2cfcc7c6ac72a27cf1dd2857a0138e96bab61aff35ee4b0b0d26

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Wed, 04 Nov 2020 18:41:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a11731adab2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1046229

GET
H/1.1 200
OK ITW-21083B.PNG
messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ Frame 5663 818 KB
818 KB 708ms
158ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ITW-21083B.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2866c1a0d0dee5240cffd59a617b50e10664a3d4e2d48b69fe4f39a566f5825d

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Wed, 04 Nov 2020 18:41:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "463ba018dab2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 837211

GET
H/1.1 200
OK ITW-21083A.PNG
messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ Frame 5663 776 KB
776 KB 756ms
161ms Image
image/png 64.140.127.183
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messagent.itworldcanada.com/images/RegPages2021/21083Zscaler/ITW-21083A.PNG
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 64.140.127.183 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9917eebdb0ed8335cddec0225f7f0abd09df9906331bf57edc694c9661bbdfde

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:10 GMT
Last-Modified: Wed, 04 Nov 2020 18:41:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "889e4217dab2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 794244

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ Frame 5663 82 KB
26 KB 17ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 440309
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 26660
cf-request-id: 06df426c0500002ba19b858000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wUJo5NbMQ8oxflLABGnsIEVDC0lOyarC7hpd03hZMlYrZLRzKFCY%2F%2F2REC9Ptdg4ysPcudQEx7F9SqD2rLCDwsiM0X67JNYuvLQHSXAlzQzfPuStdipV00zBsq7uynoKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068cdb002ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/ Frame 5663 7 KB
3 KB 23ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 299375
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2687
cf-request-id: 06df426c0900002ba1baa4e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1c20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2FBbUm4ud3H%2F8QKJxkXGoo2%2F59UuAKGnTez%2FlLNtFpmTo3ZiqiQJ9ELacrQQJ5hkCBmt0F6HymqVXZv1uZUUtG%2BHY%2F4Zg%2F3wdtvAi2iFWa8jdLzw480Y8L3g9%2FslgzE3mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068cdb022ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.3.15/ Frame 5663 31 KB
7 KB 18ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.3.15/slick.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f5e26e6801b6a835e3b22bddaa410b96768b33e226622e315d2b219b64c29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 440299
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6962
cf-request-id: 06df426c0500002ba106036000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-7d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GUtqYDFZfhuojlPSmjsGcspWPNm3%2FeDwf0dLBGv%2BnisonwHo40QjIcMIGg1HjmL58DmBsirFE%2FPZZ%2FgNFLGwEx6%2BQcnu6HO4Z1n2XPrJR7s7tSvB7%2FATH44m4g4vuQiM%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf068cdb042ba1-FRA
expires: Sat, 27 Nov 2021 14:44:35 GMT

GET
H/1.1 200
OK index.js Show response
www.itworldcanada.com/client/WebOpsAds/19079-JAMF/Carousel/js/ Frame 5663 321 B
599 B 105ms
103ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/client/WebOpsAds/19079-JAMF/Carousel/js/index.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5b825c8fa71955826463b9eb8a7794f1a62cfd9b31610c4ffc81993980050096

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Mar 2017 18:51:07 GMT
Server: Apache
ETag: "141-54aa131aa7cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 167
Expires: Tue, 07 Dec 2021 14:44:33 GMT

GET
H3-Q050 200 ga.js Show response
ssl.google-analytics.com/ Frame 5663 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3020
date: Mon, 07 Dec 2020 13:54:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 07 Dec 2020 15:54:15 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.3.8/ Frame 5663 0
1 KB 26ms
6ms Other
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/creative/21083%20Zscaler/carousel.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 60256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1151
etag: W/"1022-O2lyt3OBaMGxWX01KyVjZcasF5s"
x-served-by: cache-fra19123-FRA
date: Mon, 07 Dec 2020 14:44:35 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 39ms
22ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1527847
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06df426c320000dfff100ab000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fdf068d1f02dfff-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 33ms
16ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 572486
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06df426c320000dfffc10a3000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fdf068d1f05dfff-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 41ms
24ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1451650
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06df426c320000dfffb72ea000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fdf068d1f06dfff-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 69ms
21ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 9
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 2B82 2 KB
664 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/client/ToolStyle/Nanosite/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735c136528612f775a92a5c23b77764db00d30a288817822c2af3bd1fcf67520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/client/ToolStyle/Nanosite/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 14:25:32 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 14:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:36 GMT

GET
H/1.1 404
Not Found ajax-loader.gif
www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/ Frame 2B82 8 KB
8 KB 491ms
491ms Image
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/ajax-loader.gif
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 75b2d1e15ed5593acaee03e77ea578c205ac1bbb2c6e05fd308d82f65fd937f1

Request headers

Referer: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:34 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.itworldcanada.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=94
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2B82 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.itworldcanada.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 05:31:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 551572
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Wed, 01 Dec 2021 05:31:44 GMT

GET
H/1.1 200
OK slick.woff
www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/ Frame 2B82 1 KB
2 KB 106ms
106ms Font
application/font-woff 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.woff
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Origin: https://www.itworldcanada.com
Referer: https://www.itworldcanada.com/client/WebOpsAds/PrathResources/NanoCaroV2/slick.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Dec 2020 14:44:34 GMT
Content-Encoding: gzip
Server: Apache
ETag: "564-55a08f6a80d00-gzip"
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1343
Expires: Tue, 07 Dec 2021 14:44:34 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 1D00 0
0 154ms
153ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itworldcanada&t_i=439150%20https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2F%2F439150&t_u=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&t_e=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&t_d=%0A%0ARansomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%09&t_t=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&s_o=default

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Connection: keep-alive
Content-Length: 2759
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 04 Dec 2020 23:33:23 GMT
ETag: W/"lounge:view:8301440192.8e13e3cc2a377b8f527aa2497470e770.2"
Content-Encoding: gzip
Date: Mon, 07 Dec 2020 14:44:36 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK cube.js Show response
bb.itwc.ca/js/ 9 KB
9 KB 429ms
101ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/js/cube.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:19 GMT
Last-Modified: Thu, 30 May 2019 19:45:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "240f-58a2024af034e"
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9231

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 75A3 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.itworldcanada.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1111264
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Dec 2020 14:44:36 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A9)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK moment~timeline~tweet.ae149926685a43cb146e35371430188e.js Show response
platform.twitter.com/js/ 23 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash: a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:52 GMT
Server: ECS (fcn/418E)
Age: 1111264
Etag: "e124818066aeec3e87b656a0a1df57e4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7650

GET
H/1.1 200
OK timeline.687eed636a16648c9f0b1f72d7fa68bd.js Show response
platform.twitter.com/js/ 21 KB
7 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.687eed636a16648c9f0b1f72d7fa68bd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash: 2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:52 GMT
Server: ECS (fcn/4187)
Age: 1111263
Etag: "4802138c5d5b0d168458837da333276e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6648

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 176 KB
13 KB 18ms
18ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_itworldca_old&dnt=false&domain=www.itworldcanada.com&lang=en&screen_name=itworldca&suppress_response_codes=true&t=1785946&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D25) /

Resource Hash

0aeca41772a0900acc8d7a22f7edb41ae64cded071053d745df398a411b4fd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 13262
x-xss-protection: 0
x-response-time: 174
last-modified: Mon, 07 Dec 2020 14:41:06 GMT
server: ECS (lcy/1D25)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Mon, 07 Dec 2020 14:49:36 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 64e2c805bf316c767c9e73d06e7c7b0f
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 009c0f1800f8c91a
access-contol-allow-origin: platform.twitter.com

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame C774 4 KB
4 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 2559
x-cache: HIT
content-length: 3649
x-response-time: 135
surrogate-key: card_img card_img/bucket/9 card_img/1335946293554769923
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80205445bba855f3dbe0b005e9e8d956
accept-ranges: bytes

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame C774 5 KB
5 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 5200
x-cache: HIT
content-length: 4837
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1334276417203277826
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 62e1149b44b1bb52d3f6c862df97febb
accept-ranges: bytes

GET
H2 200 1f449.png
abs.twimg.com/emoji/v2/72x72/ Frame C774 423 B
737 B 33ms
6ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f449.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB1) /

Resource Hash

9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 10095553
x-ton-expected-size: 423
x-cache: HIT
content-length: 423
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FB1)
etag: "LFXrh3o/sfOGHVbERP/uFQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6f0e48e5eb99b612b9c73708adfaf2ac
accept-ranges: bytes
expires: Tue, 07 Dec 2021 14:44:36 GMT

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame C774 6 KB
6 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 351633
x-cache: HIT
content-length: 5813
x-response-time: 134
surrogate-key: card_img card_img/bucket/6 card_img/1334456088666763264
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 963bee28d789054713d84657ba017cc0
accept-ranges: bytes

GET
H2 200 6GF5KFCX
pbs.twimg.com/card_img/1335888240373608448/ Frame C774 51 KB
51 KB 10ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888240373608448/6GF5KFCX?format=jpg&name=1200x627

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

82fd32ca1b865a8184024f0f84f05aa06bfa79a27e598d804193becc9b3e22b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 16582
x-cache: HIT
content-length: 52001
x-response-time: 197
surrogate-key: card_img card_img/bucket/3 card_img/1335888240373608448
last-modified: Mon, 07 Dec 2020 10:03:50 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bbf4a8375dbbf54b2dfd55f40e1c642c
accept-ranges: bytes

GET
H2 200 zbKK4M7Y
pbs.twimg.com/card_img/1335888211785211904/ Frame C774 25 KB
25 KB 16ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888211785211904/zbKK4M7Y?format=jpg&name=1200x627

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

4b40447ac6803c7967a6db273bfafcda8e161b7b32f2e2c25e24693e86aae9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 16729
x-cache: HIT
content-length: 25749
x-response-time: 188
surrogate-key: card_img card_img/bucket/1 card_img/1335888211785211904
last-modified: Mon, 07 Dec 2020 10:03:43 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9abc5dd72bac5b30b43fbf94c636b483
accept-ranges: bytes

GET
H2 200 E-0JHBSN
pbs.twimg.com/card_img/1334579076963528704/ Frame C774 10 KB
10 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334579076963528704/E-0JHBSN?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 328427
x-cache: HIT
content-length: 9967
x-response-time: 141
surrogate-key: card_img card_img/bucket/9 card_img/1334579076963528704
last-modified: Thu, 03 Dec 2020 19:21:41 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 47514401f1bd19b88ebf48a5e8ba8436
accept-ranges: bytes

GET
H2 200 1f33b.png
abs.twimg.com/emoji/v2/72x72/ Frame C774 835 B
978 B 33ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f33b.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA8) /

Resource Hash

cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 18407808
x-ton-expected-size: 835
x-cache: HIT
content-length: 835
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:29 GMT
server: ECAcc (frc/8EA8)
etag: "PMtdmpls9tAhrdseUWTMCw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 266f448d5faec4386f6eecf8f3939db0
accept-ranges: bytes
expires: Tue, 07 Dec 2021 14:44:36 GMT

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame C774 6 KB
6 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 247503
x-cache: HIT
content-length: 5751
x-response-time: 135
surrogate-key: card_img card_img/bucket/4 card_img/1334911109585920003
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5a14a6e0ea08baaa15528dd519f20da
accept-ranges: bytes

GET
H2 200 xLvEW5g3
pbs.twimg.com/card_img/1333907074791710723/ Frame C774 5 KB
6 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333907074791710723/xLvEW5g3?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 161047
x-cache: HIT
content-length: 5555
x-response-time: 130
surrogate-key: card_img card_img/bucket/6 card_img/1333907074791710723
last-modified: Tue, 01 Dec 2020 22:51:24 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3ffa99800b6a535215f5a3688c40b486
accept-ranges: bytes

GET
H2 200 Mi3-Xlmk
pbs.twimg.com/card_img/1333463210163318786/ Frame C774 5 KB
5 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333463210163318786/Mi3-Xlmk?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 233368
x-cache: HIT
content-length: 4733
x-response-time: 142
surrogate-key: card_img card_img/bucket/5 card_img/1333463210163318786
last-modified: Mon, 30 Nov 2020 17:27:38 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 28dbd8f04a2a669171bf082eb56cb439
accept-ranges: bytes

GET
H2 200 AJBapCmX
pbs.twimg.com/card_img/1333886245894717442/ Frame C774 9 KB
9 KB 11ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333886245894717442/AJBapCmX?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 227363
x-cache: HIT
content-length: 9221
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1333886245894717442
last-modified: Tue, 01 Dec 2020 21:28:38 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f5c979f52148a1d15c128518a22413b2
accept-ranges: bytes

GET
H2 200 xtMj8Av-
pbs.twimg.com/card_img/1334956741080051718/ Frame C774 28 KB
28 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334956741080051718/xtMj8Av-?format=jpg&name=1200x627

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

1c268de4574f9053d106713ad28283a8bead807bea5b69337afc6703b303e442

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 238800
x-cache: HIT
content-length: 28464
x-response-time: 210
surrogate-key: card_img card_img/bucket/7 card_img/1334956741080051718
last-modified: Fri, 04 Dec 2020 20:22:24 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 478ff7ddcc75471e6e7b7d4a897a3393
accept-ranges: bytes

GET
H2 200 O5mgrjfb
pbs.twimg.com/card_img/1334247045696266241/ Frame C774 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334247045696266241/O5mgrjfb?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 265494
x-cache: HIT
content-length: 4837
x-response-time: 138
surrogate-key: card_img card_img/bucket/1 card_img/1334247045696266241
last-modified: Wed, 02 Dec 2020 21:22:19 GMT
server: ECS (fcn/40E5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7507b507af47e7478b1216be6ccb6332
accept-ranges: bytes

GET
H2 200 pVipIEex
pbs.twimg.com/card_img/1334332554468528129/ Frame C774 4 KB
4 KB 13ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334332554468528129/pVipIEex?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

ab0b4f010f42951473657ecbde7bf9f2893779d6241e0b8d45bd474879031ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 341740
x-cache: HIT
content-length: 4100
x-response-time: 124
surrogate-key: card_img card_img/bucket/6 card_img/1334332554468528129
last-modified: Thu, 03 Dec 2020 03:02:06 GMT
server: ECS (fcn/40EB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1af10b5b1b6076e86d33df0ec896dee2
accept-ranges: bytes

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame C774 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:48 GMT
Server: ECS (fcn/4195)
Age: 1111264
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:48 GMT
Server: ECS (fcn/4195)
Age: 1111264
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame C774 4 KB
4 KB 13ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 2559
x-cache: HIT
content-length: 3649
x-response-time: 135
surrogate-key: card_img card_img/bucket/9 card_img/1335946293554769923
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80205445bba855f3dbe0b005e9e8d956
accept-ranges: bytes

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame C774 5 KB
5 KB 13ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 5200
x-cache: HIT
content-length: 4837
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1334276417203277826
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 62e1149b44b1bb52d3f6c862df97febb
accept-ranges: bytes

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame C774 6 KB
6 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 351633
x-cache: HIT
content-length: 5813
x-response-time: 134
surrogate-key: card_img card_img/bucket/6 card_img/1334456088666763264
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 963bee28d789054713d84657ba017cc0
accept-ranges: bytes

GET
H2 200 6GF5KFCX
pbs.twimg.com/card_img/1335888240373608448/ Frame C774 51 KB
51 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888240373608448/6GF5KFCX?format=jpg&name=1200x627

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

82fd32ca1b865a8184024f0f84f05aa06bfa79a27e598d804193becc9b3e22b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 16582
x-cache: HIT
content-length: 52001
x-response-time: 197
surrogate-key: card_img card_img/bucket/3 card_img/1335888240373608448
last-modified: Mon, 07 Dec 2020 10:03:50 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bbf4a8375dbbf54b2dfd55f40e1c642c
accept-ranges: bytes

GET
H2 200 zbKK4M7Y
pbs.twimg.com/card_img/1335888211785211904/ Frame C774 25 KB
25 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888211785211904/zbKK4M7Y?format=jpg&name=1200x627

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

4b40447ac6803c7967a6db273bfafcda8e161b7b32f2e2c25e24693e86aae9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 16729
x-cache: HIT
content-length: 25749
x-response-time: 188
surrogate-key: card_img card_img/bucket/1 card_img/1335888211785211904
last-modified: Mon, 07 Dec 2020 10:03:43 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9abc5dd72bac5b30b43fbf94c636b483
accept-ranges: bytes

GET
H2 200 E-0JHBSN
pbs.twimg.com/card_img/1334579076963528704/ Frame C774 10 KB
10 KB 11ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334579076963528704/E-0JHBSN?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 328427
x-cache: HIT
content-length: 9967
x-response-time: 141
surrogate-key: card_img card_img/bucket/9 card_img/1334579076963528704
last-modified: Thu, 03 Dec 2020 19:21:41 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 47514401f1bd19b88ebf48a5e8ba8436
accept-ranges: bytes

GET
H2 200 yL2oxjWh_normal.jpg
pbs.twimg.com/profile_images/1260203853540188160/ Frame C774 2 KB
2 KB 11ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1260203853540188160/yL2oxjWh_normal.jpg

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

e66e1dc6e3acf767cf93a2e582232e70169db2dd55b107986cdd453831acb347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 519283
x-cache: HIT
content-length: 2263
x-response-time: 172
surrogate-key: profile_images profile_images/bucket/1 profile_images/1260203853540188160
last-modified: Tue, 12 May 2020 13:41:06 GMT
server: ECS (fcn/40D4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95d7b75f3417ad80749336aa584359e8
accept-ranges: bytes

GET
H2 200 Eob8qFEUYAAnTgI
pbs.twimg.com/media/ Frame C774 19 KB
19 KB 12ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Eob8qFEUYAAnTgI?format=jpg&name=360x360

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

5ff4860203872657d699192f548799c7a82b6a213ec69a01ba738356d7f0331b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 218850
x-cache: HIT
content-length: 19006
x-response-time: 142
surrogate-key: media media/bucket/2 media/1335032139406925824
last-modified: Sat, 05 Dec 2020 01:22:00 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c3f643a6586e4fb6da3cf442f32cb0c5
accept-ranges: bytes

GET
H2 200 EoZ4o9KUYAABH0L
pbs.twimg.com/media/ Frame C774 19 KB
19 KB 12ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EoZ4o9KUYAABH0L?format=jpg&name=360x360

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

ec5eef8293c6aae268347d13da74a7faa0189c1b3b89d6e40cf4b9e6e02c7d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 255132
x-cache: HIT
content-length: 19229
x-response-time: 145
surrogate-key: media media/bucket/4 media/1334886984569872384
last-modified: Fri, 04 Dec 2020 15:45:12 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7834ab1a019795ef4555595eea1b9439
accept-ranges: bytes

GET
H2 200 EoatEqLUcAEOfQF
pbs.twimg.com/media/ Frame C774 11 KB
11 KB 10ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EoatEqLUcAEOfQF?format=jpg&name=240x240

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

c4673c2068d4a0ee6ac6ee8426f30d8c9bd341350fc261b4f6bab4409432b5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 241681
x-cache: HIT
content-length: 10996
x-response-time: 147
surrogate-key: media media/bucket/7 media/1334944635114778625
last-modified: Fri, 04 Dec 2020 19:34:17 GMT
server: ECS (fcn/40B3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4bf84b4c81f835580dad5920a5191007
accept-ranges: bytes

GET
H2 200 EoatExGVgAIOMc3
pbs.twimg.com/media/ Frame C774 12 KB
12 KB 10ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EoatExGVgAIOMc3?format=png&name=240x240

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

3463b3ae5f71ff44a6bb5730fe1dc1b99f4329b7df481e202831fec6e8bdf94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 241681
x-cache: HIT
content-length: 12528
x-response-time: 132
surrogate-key: media media/bucket/0 media/1334944636972924930
last-modified: Fri, 04 Dec 2020 19:34:18 GMT
server: ECS (fcn/4186)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: afe3c3f3c2df1d8b579befcf03089084
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame C774 44 KB
7 KB 9ms
6ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418637
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 64ae87e129e8b165f1ce1176293cd112
accept-ranges: bytes
expires: Mon, 14 Dec 2020 14:44:36 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 11ms
9ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418637
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 64ae87e129e8b165f1ce1176293cd112
accept-ranges: bytes
expires: Mon, 14 Dec 2020 14:44:36 GMT

GET
DATA 200
OK truncated
/ Frame C774 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C774 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C774 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C774 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C774 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C774 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5663 2 KB
975 B 34ms
21ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: tools.itwc.ca
URL: https://tools.itwc.ca/css/carousel_tool_generate.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735c136528612f775a92a5c23b77764db00d30a288817822c2af3bd1fcf67520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tools.itwc.ca/css/carousel_tool_generate.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 13:35:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 14:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:36 GMT

GET
H2 200 ajax-loader.gif
cdn.jsdelivr.net/jquery.slick/1.3.8/ Frame 5663 4 KB
4 KB 7ms
6ms Image
image/gif 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.3.8/ajax-loader.gif

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 381253
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4178
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
x-served-by: cache-fra19123-FRA
date: Mon, 07 Dec 2020 14:44:36 GMT
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 5663 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.itworldcanada.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 05:31:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 551572
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Wed, 01 Dec 2021 05:31:44 GMT

GET
H2 200 slick.woff
cdn.jsdelivr.net/jquery.slick/1.3.8/fonts/ Frame 5663 1 KB
2 KB 18ms
6ms Font
font/woff 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.3.8/fonts/slick.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.itworldcanada.com
Referer: https://cdn.jsdelivr.net/jquery.slick/1.3.8/slick.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 1555770
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1380
etag: W/"564-r5HBLw9Aak+AGus7OYdo/kHY+GQ"
x-served-by: cache-fra19144-FRA
date: Mon, 07 Dec 2020 14:44:36 GMT
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame C774 4 KB
4 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 2559
x-cache: HIT
content-length: 3649
x-response-time: 135
surrogate-key: card_img card_img/bucket/9 card_img/1335946293554769923
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80205445bba855f3dbe0b005e9e8d956
accept-ranges: bytes

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame C774 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 5200
x-cache: HIT
content-length: 4837
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1334276417203277826
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 62e1149b44b1bb52d3f6c862df97febb
accept-ranges: bytes

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame C774 6 KB
6 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 351633
x-cache: HIT
content-length: 5813
x-response-time: 134
surrogate-key: card_img card_img/bucket/6 card_img/1334456088666763264
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 963bee28d789054713d84657ba017cc0
accept-ranges: bytes

GET
H2 200 E-0JHBSN
pbs.twimg.com/card_img/1334579076963528704/ Frame C774 10 KB
10 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334579076963528704/E-0JHBSN?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 328427
x-cache: HIT
content-length: 9967
x-response-time: 141
surrogate-key: card_img card_img/bucket/9 card_img/1334579076963528704
last-modified: Thu, 03 Dec 2020 19:21:41 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 47514401f1bd19b88ebf48a5e8ba8436
accept-ranges: bytes

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame C774 6 KB
6 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 247503
x-cache: HIT
content-length: 5751
x-response-time: 135
surrogate-key: card_img card_img/bucket/4 card_img/1334911109585920003
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5a14a6e0ea08baaa15528dd519f20da
accept-ranges: bytes

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame C774 6 KB
6 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 247503
x-cache: HIT
content-length: 5751
x-response-time: 135
surrogate-key: card_img card_img/bucket/4 card_img/1334911109585920003
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5a14a6e0ea08baaa15528dd519f20da
accept-ranges: bytes

GET
H2 200 xLvEW5g3
pbs.twimg.com/card_img/1333907074791710723/ Frame C774 5 KB
6 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333907074791710723/xLvEW5g3?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 161047
x-cache: HIT
content-length: 5555
x-response-time: 130
surrogate-key: card_img card_img/bucket/6 card_img/1333907074791710723
last-modified: Tue, 01 Dec 2020 22:51:24 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3ffa99800b6a535215f5a3688c40b486
accept-ranges: bytes

GET
H2 200 Mi3-Xlmk
pbs.twimg.com/card_img/1333463210163318786/ Frame C774 5 KB
5 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333463210163318786/Mi3-Xlmk?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 233368
x-cache: HIT
content-length: 4733
x-response-time: 142
surrogate-key: card_img card_img/bucket/5 card_img/1333463210163318786
last-modified: Mon, 30 Nov 2020 17:27:38 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 28dbd8f04a2a669171bf082eb56cb439
accept-ranges: bytes

GET
H2 200 AJBapCmX
pbs.twimg.com/card_img/1333886245894717442/ Frame C774 9 KB
9 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333886245894717442/AJBapCmX?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 227363
x-cache: HIT
content-length: 9221
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1333886245894717442
last-modified: Tue, 01 Dec 2020 21:28:38 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f5c979f52148a1d15c128518a22413b2
accept-ranges: bytes

GET
H/1.1 200
OK cryptojs.js Show response
bb.itwc.ca/js/ 8 KB
8 KB 101ms
101ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/js/cryptojs.js
Requested by: Host: bb.itwc.ca
URL: https://bb.itwc.ca/js/cube.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:44:19 GMT
Last-Modified: Sat, 24 Mar 2018 02:29:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "1fe9-5681f50ed26f8"
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8169

GET
H2 200 Mi3-Xlmk
pbs.twimg.com/card_img/1333463210163318786/ Frame C774 5 KB
5 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333463210163318786/Mi3-Xlmk?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 233368
x-cache: HIT
content-length: 4733
x-response-time: 142
surrogate-key: card_img card_img/bucket/5 card_img/1333463210163318786
last-modified: Mon, 30 Nov 2020 17:27:38 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 28dbd8f04a2a669171bf082eb56cb439
accept-ranges: bytes

GET
H2 200 O5mgrjfb
pbs.twimg.com/card_img/1334247045696266241/ Frame C774 5 KB
5 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334247045696266241/O5mgrjfb?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 265494
x-cache: HIT
content-length: 4837
x-response-time: 138
surrogate-key: card_img card_img/bucket/1 card_img/1334247045696266241
last-modified: Wed, 02 Dec 2020 21:22:19 GMT
server: ECS (fcn/40E5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7507b507af47e7478b1216be6ccb6332
accept-ranges: bytes

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame C774 6 KB
6 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 351633
x-cache: HIT
content-length: 5813
x-response-time: 134
surrogate-key: card_img card_img/bucket/6 card_img/1334456088666763264
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 963bee28d789054713d84657ba017cc0
accept-ranges: bytes

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame C774 6 KB
6 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 247503
x-cache: HIT
content-length: 5751
x-response-time: 135
surrogate-key: card_img card_img/bucket/4 card_img/1334911109585920003
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5a14a6e0ea08baaa15528dd519f20da
accept-ranges: bytes

GET
H2 200 pVipIEex
pbs.twimg.com/card_img/1334332554468528129/ Frame C774 4 KB
4 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334332554468528129/pVipIEex?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

ab0b4f010f42951473657ecbde7bf9f2893779d6241e0b8d45bd474879031ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:36 GMT
x-content-type-options: nosniff
age: 341740
x-cache: HIT
content-length: 4100
x-response-time: 124
surrogate-key: card_img card_img/bucket/6 card_img/1334332554468528129
last-modified: Thu, 03 Dec 2020 03:02:06 GMT
server: ECS (fcn/40EB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1af10b5b1b6076e86d33df0ec896dee2
accept-ranges: bytes

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E005 42 B
176 B 15ms
15ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOYznxK4EmSpawLeil4RhVem-zDVQdXWJuZ5U2c6eMumA9QdheAHU21ASzo2_kZAcll9JF6Lu0KPCLJMSC4tf1CCmGhzvyft91gK923MY&sig=Cg0ArKJSzGALAjeNfhSYEAE&adk=4251014571&tt=-1&bs=1600%2C1200&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&p=209,436,299,1164&mcvt=1081&rs=0&ht=0&tfs=128&tls=1209&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=10&niot_cbk=117&md=2&btr=0&cpmav=0&lm=2&rst=1607352275674&dlt&rpt=266&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C5551&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-8-11-11-0-0-0&tvt=1202&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201202

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 14:44:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 194E 42 B
108 B 15ms
15ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspMedCcO_WiJNmofiOz60SNQgCD54dRNc9RHbWtdtA72l7C9lPcpQrvrxF_OFE8WcK15MfIQ_YuVfbn_FBikdYFiK3EDU2fT1Sx38XxG8&sig=Cg0ArKJSzPXHri48CY82EAE&adk=2764879362&tt=-1&bs=1600%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=329,970,929,1270&mcvt=1074&rs=0&ht=0&tfs=118&tls=1192&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=5&niot_cbk=100&md=2&btr=0&cpmav=0&lm=2&rst=1607352275681&dlt&rpt&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C5551&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1190&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201202

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 14:44:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame B84D
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.itworldcanada.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1111264
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Dec 2020 14:44:37 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4185)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 07 Dec 2020 14:44:37 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 07 Dec 2020 14:44:37 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: 41b834e492a140a33ed400cece75cada
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 133
x-transaction: 0099ba5e005e7da8
x-tsa-request-body-time: 15
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
bb.itwc.ca/index.php/api/activity/recordActivity/ Frame 0
0 421ms
107ms Other
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/index.php/api/activity/recordActivity/
Protocol: HTTP/1.1
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/7.1.33
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.itworldcanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 07 Dec 2020 14:44:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Content-Length: 16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd464454c8e47c02a06814c15f2e94fce4a11479ff50708aeded4f249c0355ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 14:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6520
x-xss-protection: 0

POST
H/1.1 201
Created / Show response
bb.itwc.ca/index.php/api/activity/recordActivity/ 139 B
856 B 115ms
115ms XHR
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/index.php/api/activity/recordActivity/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/7.1.33
Resource Hash: 9a39aaa38fa81d09add78df98e617fcb81f14a21f87fd6eff72af371d68441c2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Authorization: itwc:7ff9c633b97cbc3851070d507c43a2ee3f1dd125ea96296dff3aa818a5746f57:1607352278430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 07 Dec 2020 14:44:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Content-Length: 139
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 07 Dec 2020 14:44:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1BF6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 13:41:13 GMT
expires: Tue, 07 Dec 2021 13:41:13 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 15ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120101&jk=2630921809279433&bg=!ammlaUnNAAXKjztBylgJ6NrKU1TnYAIAAABSUgAAAAtoAQcKAXcrfTtFubrntKNmGIcGlBXzg1fAX3BDXx2XD_KibYalRyAYYkkdc8aslsWS6HHBFlSHZ3BipsgO21t69UFaspD5P7o7yCiHyU9PgKH2CqYS1lsnyIdwboYoikfLTJu5HDeyA-tMpu1fUmToK6bf0lo0zXUf0tRWTfT4Cyejwupj9HfD6YLSOOXjtwqqEja8kzmKc7wc9EOvLqsbN-zm8B_z9MbIlyAUpN8nAeOhvZxWBFoENgEy_ExsJ6FQaz4rG28tgRIqoclM4PJ6rY7uWf1ZoxCus0xbFprRUYK0mos_rPuQzKYDXuCndPci6pUqvKTZUhN5mA9gBSjns2MjCgg-N_zpQmpEssP-81ElOBp5RYrxfQzEUDic8x2fSwf4w9fL5qaJrRYMTXfB6lN3rBBBuHO0OJ0jpi0v6ZunGG4TvRk9zhKekIRSLL1bhV9YAahMp1m1EUEOcB-3wh6VFPqioyosCUqlpFEh06TfPnInbT1_x_mKyCOZAb68L_bC0PCygXeBJKBJblx0ozuVmV-h0yZPnH3YZIGdv6jqXcIDUdaG7oDHmos1aGqI0zth44IEWZofKY52Y2wwCOJlUKxKIMYRda_HYtTfb0rBnSqWgqrgIk3XA_9YH3Q10YokKfLvo6u4IHwCvodZUZu2Q8DZkmf9JbRuBnX0zWOBLZU0JVsEZPDiFURzf0vA-sgD65jpTOlJ2xe95dSXBKgBGi6ESo1Oa_KkAWEa6SV_VJk7DirNpnU6_Xn4uRpzpbpDr3B96gF5sOLpdWBI5-P6KPSOumUg69c5R2MKW2nDRtBd3qhKNGHRHBeF8owqvPCMj7KB0Qv00EemlO85LZaxyTBRW0eN885iuh-QQNv114Zur_J9e7JfhEqcKjoZf3K82f-V5Rj6utlbo110dh6VDr-NGmUjyTMZcPcuZxAGWz8oCOsTYwV2knVPUIet9LHvZjcFauHtNtgSIN1fkUCFLfwP-hnvaWD9YH8qpFxrVZCNtBYPuUB4QNU63NDFDA4LXEtWH8-6_PEE6YySpXdbNRFxlLljmC9-3f3UmczA1oQ3Q2kwlZ0vCiDqdGalYwvzba4P19-SHaiglg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 14:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itworldcanada.com/	1970-01-20 08:00:24	Name: wpusers Value: MjAyMC0xMi0wNyAxNC40NC4zNg==
www.itworldcanada.com/	1970-01-23 06:05:12	Name: ukw Value: a%3A2%3A%7Bi%3A0%3Bi%3A1607352272%3Bi%3A1%3Bi%3A1607352274%3B%7D
.itworldcanada.com/	1970-01-19 23:50:48	Name: __gads Value: ID=4de7c855c676ef93-229903c657b900fe:T=1607352275:S=ALNI_Mbq_MblTI7NB3BvObZhzxPnY3NQxw
.itworldcanada.com/	1969-12-31 23:59:59	Name: __utmc Value: 120853079
.itworldcanada.com/	1970-01-19 14:29:14	Name: __utmb Value: 120853079.1.10.1607352276
.itworldcanada.com/	1970-01-20 08:00:24	Name: __utma Value: 120853079.1151761211.1607352276.1607352276.1607352276.1
.itworldcanada.com/	1970-01-19 14:29:12	Name: __utmt Value: 1
.itworldcanada.com/	1970-01-19 18:52:00	Name: __utmz Value: 120853079.1607352276.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][setOption] The option "debug" he was assigned to "true"
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][on] A type of event "detected" was added
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][on] A type of event "notDetected" was added
console-api	log	URL: https://www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][onload->eventCallback] A check loading is launched
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_creatBait] Bait has been created
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][check] An audit was requested with a loop
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][check] A check is in progress ...
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_stopLoop] A loop has been stopped
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_destroyBait] Bait has been removed
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][emitEvent] An event with a negative detection was called
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][emitEvent] Call function 1/1
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

933e4121f575eff24ca5bd58343ae40a.safeframe.googlesyndication.com
abs.twimg.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bb.itwc.ca
c.disquscdn.com
cdn.iubenda.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdnjs.cloudflare.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
hits-i.iubenda.com
i.itworldcanada.com
itworldcanada.disqus.com
messagent.itworldcanada.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
s3-us-west-2.amazonaws.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tools.itwc.ca
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagservices.com
www.itworldcanada.com
www.iubenda.com
104.244.42.8
151.101.112.134
151.101.128.134
178.62.192.243
216.58.206.2
2600:9000:2104:c400:3:dffb:fe80:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2606:4700::6812:a913
2a00:1450:4001:802::2004
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:817::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::200a
2a00:1450:400c:c02::9c
2a04:4e42:3::621
52.218.220.0
64.140.127.151
64.140.127.168
64.140.127.175
64.140.127.183
95.100.80.173
0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0aeca41772a0900acc8d7a22f7edb41ae64cded071053d745df398a411b4fd9f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12f773c74b8afeb0327dabc1724b42724961b5f86b73e8b92747a1f5d68cafcb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19716c9959a569a1b7abac4cf9feaf615c6458a70f9f7948a32355a52ca8c585
19cad1ec4a79433a6fd44e1d9919a8bf3e3ab1ae98081e39b3ad8a049f613948
1c268de4574f9053d106713ad28283a8bead807bea5b69337afc6703b303e442
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e
200e849c74e63b2b9e49c61810aa1be286a0a0d027df991172cb140efc3e1cc0
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
20bf1c8cad038b62a5490e0396d1fe02240e5508566f768864144e167c0a1b55
2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a
262c8173762faa1f18c1c4c0ee00790bf4931f82e4317d163ad626f3b04edc89
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2866c1a0d0dee5240cffd59a617b50e10664a3d4e2d48b69fe4f39a566f5825d
2b1b3b386b7e2cfcc7c6ac72a27cf1dd2857a0138e96bab61aff35ee4b0b0d26
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2b4385df8034110da0ef5043307dce11777d5e8d86dfb92d56d207f94988bc57
2bafb4e0acfda84da9c417009cca7bba8a132f69cb73911d0a3f95b50a41e7f6
3463b3ae5f71ff44a6bb5730fe1dc1b99f4329b7df481e202831fec6e8bdf94e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
362eee23121468c42d8586373ce7d2f283984d019575d0e46c8af9aea64d8aec
40add3c2d9c5b4bb8c9d5b17d9c507344cb586e1ae825858345d20c4dc5fc4a2
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44777ca59800589cd56c476fafe777c8715050535e9e5c7af8dce69a14d65cca
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4718c4cca275eac50770a046d3f1cc09c426f758687bf0aa5a54c21e46d098e4
4b40447ac6803c7967a6db273bfafcda8e161b7b32f2e2c25e24693e86aae9b5
4f3e36248ba28189d00f60c7784ae5922d2d2fe31249ee5af56155e3c66685cb
4f8d1c73670970f54f0c7c9f2993ee14a3ef0e1319c91e5d38ea2e91fce572a9
52147fe45e34218aea3b90fc7c43c622ac32d1fc798016f4e2a371c6a36ccd59
53ebaf3b8f10214fb9fe6ecfda2e63cea96eeaa22de76819e748ebb803d1cece
54361f98333885ce45e91df597a9d4488b808568e2e8621d7870e6c1b5ca0a9e
5778b44cba918dfc38ab166b4d6befc29eeeb368e9d7cc1c80179e4919831b79
5b825c8fa71955826463b9eb8a7794f1a62cfd9b31610c4ffc81993980050096
5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439
5ec358949de628946007f95c47064a064b07271b39e4d26a6b0c27a17b3a0faa
5ff4860203872657d699192f548799c7a82b6a213ec69a01ba738356d7f0331b
611ab37975baafae5ca1a8e81d08be0b2203ead89163348f275b9e356176e312
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d
62369cc2c7eccdda6a06498ee6ea33d1a79600e2d0a0eb8eba5e2d3f48decde0
625d35a1428612400e5733f4bcffd02e6342038986110cd475c5b7b638643407
63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614
64d41d625635c2d65d419c8fe8d27dbad4f3ac88bc554ea4f86143e8644fe468
65451a3d1f6a9ae5695b06d12f438a0d9280da72286240e70ab1f9ef3c77a455
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6789f364ba25e1f7a0516fd10093ac81e60c3c37a7751398171cabba2685a94f
67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247
68ad5c98ff4e533be77307b324e6665b79f6d284975447165572ea1df524a29c
68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a
69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8
69f13734ed35abbf67d28cfe2429d046ff7a152d678bbef712892d022d41f4b0
6d30ce8d086475902017b59f85a55aebf6e2261a52f9be66d5935792717c29b0
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
709399bef8af81cbb6b283d0ac709a1cfe3579938cff3ca9f782da29f3a2f927
735c136528612f775a92a5c23b77764db00d30a288817822c2af3bd1fcf67520
75b2d1e15ed5593acaee03e77ea578c205ac1bbb2c6e05fd308d82f65fd937f1
75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73
763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d
7b2dd206926e0e699f7f7734f1c7296433bac2a3d57e9d768abaff6c7c3343b5
7e2b459e13b4edcc9195d4170de930b7d9cb0395252b74b7d077cebe6e839bac
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7f5048402ac1b8b949d2069ced9d69ebe5813abed5a544d1b487c8ba47273185
814ef758a51b8c5735a202d29cbe551bf6fd9fe2320df1b07d9e70095bf06ed5
818cb2544d8517efd8aeb84c37930c5836ac9f5ad1fc1b784cb0ca3f9757b0f3
825265fa91dfa03501bbe1761374e4245422501da624e3896f411b8e27171bd8
82fd32ca1b865a8184024f0f84f05aa06bfa79a27e598d804193becc9b3e22b9
88a88f1028b6e8eee714eae78840dd6b515b3e53de01ed59d002462810d9b557
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
937171bf8e13eb6101e88c58e044f3318125aae60d388d8e3787717650c0387e
96aff6c11d4c69361642400cc79a9afa8e73b929f50cca7f9908ddfc53d01197
9728d0830cc0fa28abeaae1af3c39b3fb8eee8caee07bc32ddf26e75fab07bda
97bc6d7d2e33122be7ffaaa19ec6d7a142c5f0e6a3ac7b861910757148498288
9917eebdb0ed8335cddec0225f7f0abd09df9906331bf57edc694c9661bbdfde
99bd6f1b9200158ed6e116b066442807c53d07abfea61a5e56e7a9e0254ef2e0
9a39aaa38fa81d09add78df98e617fcb81f14a21f87fd6eff72af371d68441c2
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
9d5c9598ba0e6185bb4dea9dadbe8fccd9c524bd992679e90bf993fe74560210
a1088626aba0f660beb249dd05b5c40758eddbb679fea13dc602344b28f7de9e
a1c8898d33bf3f16912ed47c3129983b26d904bf43b2216072fdc549376057d7
a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf
ab0b4f010f42951473657ecbde7bf9f2893779d6241e0b8d45bd474879031ef9
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
b851fe77a41bea3f7075bcae337eb9b7fba6fc03218ccfe58a77ca04afb3e413
b9622281558f1979c053d598121153f63ca28439d6532e5a9241be4c3e1e8409
b9f5e26e6801b6a835e3b22bddaa410b96768b33e226622e315d2b219b64c29f
bc5411929c57859f711fad44490fd37f77674b35daddc719f6cd938a34b93f4b
bf4512e8a7ee4d972499eb80f3f2e02beef0d56236f6cbe339befb5d1671e3b1
c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3
c378ee06bbd464704602a25e250f382feda809683cd5c43963b1e6abf30caecb
c4673c2068d4a0ee6ac6ee8426f30d8c9bd341350fc261b4f6bab4409432b5b5
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
cd10a9ca90a2611a9a5fa86edbd92808fb72bdfbcff366f367ecf84992696191
cd464454c8e47c02a06814c15f2e94fce4a11479ff50708aeded4f249c0355ae
cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18
d410a1e115fd1b1c3adc9db99cbee7a9bb0400af95a190e0e37f18615a244e41
d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
dc33beb8434216e9c0fc4bc75a45a732a62d4619f35b492d67279ad4192b46df
dd5620e6f30c9ca43274e1e0a5f9424f97f0dd821a582b22e995586483815392
ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df127da678d7ebec429bdf5bb1dd0f2f9ea307b5d7cc9a20e8829f0cfe1e7f9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595
e66e1dc6e3acf767cf93a2e582232e70169db2dd55b107986cdd453831acb347
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e809100ad8df0fb3ddee7f096396c3cac769b9b2a69d2ccb838b09bee60a61fd
ec5eef8293c6aae268347d13da74a7faa0189c1b3b89d6e40cf4b9e6e02c7d1f
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296
f09dff45392cb4466fbc2a7891720f65f495b7a5eb2745feef43607f42eb0dad
f10aeefb066161f38dadd2ed1267852072f9fc1c7a50971b8bf25d4bf8851d84
f1d749ec752d0bf5719ee501fd4c0fda01b71ed35ffc72dc72e1b07d87209544
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f8df44b1e4f8ad283e77835a377d6dd6073a08e92297a69690a641968177f01b
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f9ddba7253d1097099639398e08133ef6c647bef45df95bc6952274f6c64d15c
ffa8d91a0b669b8a76d588dda5d3f3bba0c2eaeea7c555991d40e6de68b339d5

www.itworldcanada.com Open in urlscan Pro 64.140.127.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

65 %IPv6

18 Domains

34 Subdomains

30 IPs

6 Countries

6475 kBTransfer

8688 kBSize

8 Cookies

25 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

65 %
IPv6

18
Domains

34
Subdomains

30
IPs

6
Countries

6475 kB
Transfer

8688 kB
Size

8
Cookies

193 HTTP transactions
13 data transactions