www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Submission: On September 30 via api (September 30th 2020, 10:02:56 pm UTC) from US

Summary HTTP 49 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 13 domains to perform 49 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.188 151.101.65.188	54113 (FASTLY) (FASTLY)
2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	2.21.38.40 2.21.38.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	72.247.178.32 72.247.178.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	72.247.178.19 72.247.178.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff18	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff11	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	18.132.99.227 18.132.99.227	16509 (AMAZON-02) (AMAZON-02)
2	52.16.26.2 52.16.26.2	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f1:... 2a02:26f0:f1:29b::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
49	17

21 2a04:4e42:1b::444 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.38.40 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.178.32 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a72-247-178-32.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.178.19 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a72-247-178-19.deploy.static.akamaitechnologies.com

kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff18 (Germany) 1 redirects

ASN201011 (NETZBETRIEB-GMBH, DE)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff11 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.99.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-99-227.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.26.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-26-2.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:29b::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

684d0d38.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cbsistatic.com zdnet1.cbsistatic.com zdnet4.cbsistatic.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com	588 KB
6	cookielaw.org cdn.cookielaw.org	116 KB
5	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	80 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net	1 KB
4	zdnet.com 1 redirects www.zdnet.com urs.zdnet.com	186 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	114 KB
3	go-mpulse.net c.go-mpulse.net	53 KB
3	cbsi.com production-cmp.isgprivacy.cbsi.com at.cbsi.com	14 KB
2	nr-data.net bam.nr-data.net	455 B
2	doubleclick.net securepubads.g.doubleclick.net	110 KB
1	akstat.io 684d0d38.akstat.io	354 B
1	onetrust.com geolocation.onetrust.com	552 B
1	newrelic.com js-agent.newrelic.com	11 KB
49	13

	Domain	Requested by
7	zdnet1.cbsistatic.com	www.zdnet.com zdnet4.cbsistatic.com zdnet1.cbsistatic.com zdnet2.cbsistatic.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
4	zdnet4.cbsistatic.com	www.zdnet.com zdnet1.cbsistatic.com zdnet2.cbsistatic.com
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
3	zdnet2.cbsistatic.com	www.zdnet.com zdnet4.cbsistatic.com
3	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
3	www.zdnet.com	1 redirects zdnet3.cbsistatic.com
2	geo.moatads.com	z.moatads.com
2	bam.nr-data.net	js-agent.newrelic.com
2	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net
2	at.cbsi.com	zdnet3.cbsistatic.com
1	684d0d38.akstat.io	c.go-mpulse.net
1	px.moatads.com
1	mb.moatads.com	z.moatads.com
1	fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	z.moatads.com	zdnet3.cbsistatic.com
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js-agent.newrelic.com	www.zdnet.com
1	production-cmp.isgprivacy.cbsi.com	www.zdnet.com
49	24

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
www.cbsinteractive.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
legalterms.cbsinteractive.com
narratives.zdnet.com
ca.privacy.cbs
cbsi.secure.force.com
academy.zdnet.com
privacy.cbs
onetrust.com

Subject Issuer	Validity	Valid
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.isgprivacy.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-10-14`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-29` - `2021-05-07`	7 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Frame ID: 86E271192A64B0F8D855BB0C8429A50D
Requests: 51 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: CED0654EB1F035146EF0C54D9048DCFB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware- HTTP 301
https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/ Page URL

Page Statistics

49
Requests

100 %
HTTPS

39 %
IPv6

13
Domains

24
Subdomains

17
IPs

6
Countries

1273 kB
Transfer

3789 kB
Size

5
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/
Title: CA Privacy/Info We Collect

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/donotsell
Title: CA Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.cbs/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware- HTTP 301
https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pspmcqd0h HTTP 302
https://kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 48

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pspmcqd0h HTTP 302
https://fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net/eum/results.txt

49 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Redirect Chain

https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-
https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

453 KB
134 KB

767ms
767ms

Document
text/html

2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62240b053e936a4d203bb2f5aab431156162657bfc0a814bc3b5229890c9a1c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Wed, 30 Sep 2020 22:02:37 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 279f0cc1-ee86-44fa-b188-9601bea522b3
x-xss-protection: 1; mode=block
date: Wed, 30 Sep 2020 22:02:38 GMT
cache-control: max-age=5400, private
expires: Wed, 30 Sep 2020 23:32:37 GMT
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 136635

Redirect headers

status: 301
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Wed, 30 Sep 2020 22:02:37 GMT
location: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 7ca65156-b1c2-4afc-9fda-f77962006701
x-xss-protection: 1; mode=block
date: Wed, 30 Sep 2020 22:02:37 GMT
cache-control: max-age=5400, private
expires: Wed, 30 Sep 2020 23:32:37 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9142

GET
H2 200 main-0c5dc10ce7-rev.css
zdnet1.cbsistatic.com/fly/css/core/ 352 KB
59 KB 20ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

03f515b478fe0b05e19d3a4bdfc288892709860c909bdf96bc7ed70823ae848b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21899
status: 200
vary: Accept-Encoding
content-length: 59579
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:54:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "89e623f1720147b858706186441f5df0"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 15:57:04 GMT

GET
H2 200 default-a2ace010e5-rev.css
zdnet4.cbsistatic.com/fly/css/feature/error/ 3 KB
1 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/css/feature/error/default-a2ace010e5-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c962a3b7cfe8a48c590acfe1518f14455d788d4b6e5e81a10e71bf04a1a3847e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21274
status: 200
vary: Accept-Encoding
content-length: 806
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:54:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 16:07:27 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 12 KB
5 KB 25ms
11ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396197a350c5f917f454cb764fa31f624d64f8fbac73445c4d2862bad7ca22bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Jao9NEADO7fIr5d6S3evQw==
age: 4287
status: 200
vary: Accept-Encoding
content-length: 3891
cf-request-id: 0582a3047b00002c32c1812200000001
x-ms-lease-status: unlocked
last-modified: Wed, 30 Sep 2020 01:42:56 GMT
server: cloudflare
etag: 0x8D864E227CE20EC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 06710208-101e-0060-44d4-969dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab3f8722c32-FRA

GET
H2 200 optanon-v1.1.0.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 35 KB
11 KB 29ms
6ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

526ff6ea2b855832cbf56ba8224802e6733809956f095e906508685118260b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
x-cache: HIT
status: 200
x-cache-hits: 8599
vary: Accept-Encoding
content-length: 10330
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4066-HHN
access-control-allow-origin: *
last-modified: Thu, 23 Jul 2020 20:18:39 GMT
x-timer: S1601503358.095679,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "ddd7ab9b11ecdd0ecf2bb232e1a61ef2"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: THd80bxDslVDA+ByPFjuhRaq4jcBqtAwv3e4A2dkNm77CljWtQ24m/SFInAXlIRhIQzpwlBI72Y=

GET
H2 200 wsl-2-with-linux-gui.png
zdnet3.cbsistatic.com/hub/i/r/2020/05/19/d3a2b1ad-b045-4373-93dd-6fbe7481376f/thumbnail/170x128/58bed2d59ee3c42eaddca8d3c8fe8918/ 17 KB
16 KB 11ms
8ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/05/19/d3a2b1ad-b045-4373-93dd-6fbe7481376f/thumbnail/170x128/58bed2d59ee3c42eaddca8d3c8fe8918/wsl-2-with-linux-gui.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d0eb226d970ba7502652aee8562131bbbe53f2230eead3a758e34c7a64dda060

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2839
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 16739
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 17:14:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f8f343b88084cc424c76d360f2e3a98a"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Nov 2020 21:15:09 GMT

GET
H2 200 united-nations.jpg
zdnet3.cbsistatic.com/hub/i/r/2020/09/29/c59b8893-30d7-4356-8b63-2e8c8aa313d9/thumbnail/170x128/0080d814de0d5c32446039e165a475d1/ 7 KB
6 KB 10ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/09/29/c59b8893-30d7-4356-8b63-2e8c8aa313d9/thumbnail/170x128/0080d814de0d5c32446039e165a475d1/united-nations.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

600ef47607b28374602e53064f1113581f3c13617153a147d143ce399bb15fc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7892
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 6435
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 19:50:51 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"b793d05e967a6fee7216981111a8b8e4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Nov 2020 19:50:52 GMT

GET
H2 200 new-pixels.png
zdnet1.cbsistatic.com/hub/i/r/2020/09/30/01fe4bfb-4fe3-473c-ad9d-ef825480861e/thumbnail/170x128/f9d085c161dd1a983108d225b639edea/ 29 KB
29 KB 9ms
7ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/09/30/01fe4bfb-4fe3-473c-ad9d-ef825480861e/thumbnail/170x128/f9d085c161dd1a983108d225b639edea/new-pixels.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

74f471f0cd1247d01fbb806a2ea70ca21ab2237a0077a6a849510a9542c69f2b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9974
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 29884
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 19:16:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f4b974b39d27ca41a4f208f252d0dda6"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Nov 2020 19:16:24 GMT

GET
H2 200 multicloud2-anyaberkut.jpg
zdnet4.cbsistatic.com/hub/i/r/2020/09/30/03c7751c-ae7b-4c31-b67d-eed6b6319839/thumbnail/170x128/c4748711299025462a9576297c061a4b/ 11 KB
10 KB 115ms
114ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/09/30/03c7751c-ae7b-4c31-b67d-eed6b6319839/thumbnail/170x128/c4748711299025462a9576297c061a4b/multicloud2-anyaberkut.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2bab2a7d9ae09a563ec869df70ac7593ca3d454dcb5599a289fd576a4cdea613

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10797
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10312
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 19:02:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"3f06168467cc238cfdcd0f13495deb7b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Nov 2020 19:02:41 GMT

GET
H2 200 pixel-event-26.png
zdnet2.cbsistatic.com/hub/i/r/2020/09/30/e3d4f2bc-b3b1-4de6-9b16-e6c45a428a4a/thumbnail/170x128/ff1f3579bad46adf7566a65092ec534c/ 37 KB
37 KB 11ms
9ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/09/30/e3d4f2bc-b3b1-4de6-9b16-e6c45a428a4a/thumbnail/170x128/ff1f3579bad46adf7566a65092ec534c/pixel-event-26.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b8993fdbbdbaa7c7772ab67af2f8b35b483c220d2370f60fa53b436a220844a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12026
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 37426
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 18:37:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"84c249c779b2cddd61f79b8005260481"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Nov 2020 18:54:08 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 10ms
8ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600861
status: 200
vary: Accept-Encoding
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Sep 2020 16:34:32 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5704d524a91e5eb554ad180d31e6b8b4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Sep 2020 23:08:05 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame CED0 202 KB
51 KB 27ms
10ms Script
application/javascript 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Sep 2020 14:51:08 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51580

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet4.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 12ms
7ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 21861
status: 200
vary: Accept-Encoding
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:55:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 15:57:14 GMT

GET
H2 200 heading-background.jpg
zdnet1.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/features/error/ 140 KB
140 KB 10ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/features/error/heading-background.jpg

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/feature/error/default-a2ace010e5-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b1f579e670be15d02e597a6e56446cfa817823f405c53c1dff7687778db77365

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/css/feature/error/default-a2ace010e5-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 13942
status: 200
vary: Accept-Encoding
content-length: 142971
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:55:06 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 18:10:09 GMT

GET
H2 200 mag-white-thin.png
zdnet2.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/ 313 B
405 B 10ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/mag-white-thin.png

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/feature/error/default-a2ace010e5-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

043334a3b53a20272803ebd25d336a9fce14549c76660a3c70bc2aff99108c76

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/css/feature/error/default-a2ace010e5-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 21023
status: 200
vary: Accept-Encoding
content-length: 313
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2020 17:32:17 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 15:36:16 GMT

GET
H2 200 logo.png
zdnet1.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1601480692-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 21861
status: 200
vary: Accept-Encoding
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:55:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 15:57:14 GMT

GET
H2 200 Regular.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 19ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 513642
status: 200
vary: Accept-Encoding
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Sep 2020 15:27:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Fri, 24 Sep 2021 23:15:07 GMT

GET
H2 200 Semibold.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 13ms
12ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet1.cbsistatic.com/fly/css/core/main-0c5dc10ce7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
x-content-type-options: nosniff
age: 18691357
status: 200
vary: Accept-Encoding
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f78"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 3 KB
2 KB 27ms
13ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee26698ba715b7f02f6741abe5e5961af3c14623793ead7fc87586ec4c6cfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: CgmHkoWIevwSz28QYQPOiA==
age: 4027
status: 200
vary: Accept-Encoding
content-length: 1198
cf-request-id: 0582a3053f000096e0fda07200000001
x-ms-lease-status: unlocked
last-modified: Wed, 23 Sep 2020 21:21:23 GMT
server: cloudflare
etag: 0x8D860069F5D2A34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b1dddfa3-b01e-000b-2047-93c092000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab5397896e0-FRA

GET
H2 200 nr-1177.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 95ms
31ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1177.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-amz-request-id: 4F930AF2622C2177
x-cache: HIT
status: 200
content-length: 10405
x-amz-id-2: U7tObmI036MTRpBI0DMqANsZED0ff6ySLFb6J6xUAvrjeydJkzxfcOtpUXwF34MJgKtcfhq4e+o=
x-served-by: cache-hhn4028-HHN
last-modified: Tue, 18 Aug 2020 17:23:32 GMT
server: AmazonS3
x-timer: S1601503358.361868,VS0,VE0
etag: "97c8d5802b0de603104986846cdc509a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 12170

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/f2ef76-fly/js/ 687 KB
211 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

91be959887e9b943a95b97f808556ab250ceec7f3a88a78169adc44c16b9c702

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21899
status: 200
vary: Accept-Encoding
content-length: 215138
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Sep 2020 15:54:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a44743901de6ac68c75bf0be095eb270"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Oct 2020 15:57:05 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 199 B
552 B 34ms
19ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2154546b704f7d5c6e5591d881ab658002274121117419717ddcff13f3082482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5db13ab56c5a05f1-FRA
cf-request-id: 0582a3055e000005f1958c6200000001

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame CED0 2 KB
1 KB 253ms
240ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5338345&v=1.632.0&if=&sl=0&si=iae0xbhzaaq-qhhrwe&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: edbf1f4010bce7fb96109fe3251af567c7df334ac770b4fb5afd2a0e81e6d2fb

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 849

OPTIONS
H2 200 diff
at.cbsi.com/lib/api/v1/zdnet/prod/config/ Frame 0
0 243ms
204ms Other
text/html 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff
Protocol: H2
Server: 151.101.65.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
17 KB 152ms
53ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

c37128d7c136878ba67aee6533465497848a8915cec7ce8b4ec38b09d78a830f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "649 / 355 of 1000 / last-modified: 1601484567"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17456
x-xss-protection: 0
expires: Wed, 30 Sep 2020 22:02:38 GMT

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 17 KB
4 KB 18ms
18ms Fetch
application/json 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

968ede1bc7a993d7e204a461d70f4d0b353997581d96ecad31fb73084af9f08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: JVtlA0Lkw
Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
version: v2.16.1
variant: minified
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
x-dns-prefetch-control: off
x-cache: HIT
status: 200
ttl: 900s
content-length: 3667
x-xss-protection: 1; mode=block
x-served-by: cache-cph20625-CPH
access-control-allow-origin: https://www.zdnet.com
server: Google Frontend
x-timer: S1601503359.627804,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/3fa4f283561761de6a66a340fab76270d376bd0e
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 8490213aa88fc912323a4aa24e8d777b
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 10ms
9ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 4296
status: 200
vary: Accept-Encoding
content-length: 73082
cf-request-id: 0582a305ce00002c32c1826200000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1e426827-501e-014a-591f-87aed4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab61c522c32-FRA

GET
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam.nr-data.net/1/ 57 B
275 B 505ms
141ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1177.96a4d39&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFmICXlVHcABYRRZCXXtNCFRcVgwhXFcCRVRNAgNCQlxEI1xQF0VKXGgHV1U%3D&rst=1403&ck=1&ref=https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/&ap=312&be=1023&fe=1263&dc=1219&perf=%7B%22timing%22:%7B%22of%22:1601503357017,%22n%22:0,%22r%22:0,%22re%22:248,%22f%22:248,%22dn%22:248,%22dne%22:248,%22c%22:248,%22ce%22:248,%22rq%22:249,%22rp%22:1016,%22rpe%22:1032,%22dl%22:1019,%22di%22:1219,%22ds%22:1219,%22de%22:1219,%22dc%22:1263,%22l%22:1263,%22le%22:1264%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1226&fcp=1226&at=SBQQGwsYTRQbWUQKS05L&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1177.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 223ms
157ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.213.102.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/ 116 KB
21 KB 14ms
13ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e80376975d3f98601d3a30ae895cf2e208b2eb8721e2148cafb68199bc4b5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: oP9Zi6r/B5nZXTsCgNE9Bg==
age: 3901
status: 200
vary: Accept-Encoding
content-length: 20948
cf-request-id: 0582a305f2000096e0fda09200000001
x-ms-lease-status: unlocked
last-modified: Wed, 23 Sep 2020 21:21:51 GMT
server: cloudflare
etag: 0x8D86006B03B3E5B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8ec31db4-901e-013a-39fa-91dd10000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab659f196e0-FRA

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449709
status: 200
vary: Accept-Encoding
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Sep 2020 15:27:01 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2c465e2fb4210298ffa3da58c47eec2a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Oct 2020 16:44:08 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 277ms
265ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1601503358461&s=0fe91d3d7e3f2f57f86d3c66282fb8e6167a9856c85ade6ca1658ad7f1516f9d
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 1e187afd7f6eb7bf81a312484e9e20ae4a7bd5025bcd14ad60b5d409d87f9432

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 790

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 12 KB
4 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R7qOr1WClmhADOzbz5s+Bw==
age: 4295
status: 200
vary: Accept-Encoding
content-length: 3248
cf-request-id: 0582a3060a000096e0fda0a200000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:24 GMT
server: cloudflare
etag: 0x8D85529EDFDCA3B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 30bbd80c-d01e-0039-2d20-879842000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab67a0096e0-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 59 KB
14 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f41d262f537f1329c6064a806883f5190553aab846f9502fcbc1019733084712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EfpHrcaijYvjeK3GWqeR1Q==
age: 4279
status: 200
vary: Accept-Encoding
content-length: 14244
cf-request-id: 0582a3060b000096e0fda0b200000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:25 GMT
server: cloudflare
etag: 0x8D85529EEB5A310
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6ae9c599-b01e-0088-2420-87603f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5db13ab67a0396e0-FRA

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 192 KB
41 KB 100ms
31ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea4eb8300951b9f5d55b9733e79b44fe6ac49a4b1ea8060423823de627c35800

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: gzip
Age: 3346
X-Cache: HIT
Connection: keep-alive
Content-Length: 41816
x-amz-id-2: cmFnW28WsW/OF0vK/F64JoD1sU6aFipBX7ctnZtH9FAq+Ooq9fCWSVQ0sC19hPm/C29WL16bbiM=
X-Served-By: cache-hhn4080-HHN
Last-Modified: Wed, 30 Sep 2020 20:45:22 GMT
Server: AmazonS3
X-Timer: S1601503359.637284,VS0,VE0
ETag: "09a5a9593b9958028421f19d8af784c6"
x-amz-request-id: 4Y0V4SCP6SCKEQCW
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 191

GET
H2 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ 264 KB
93 KB 55ms
54ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Wed, 30 Sep 2020 22:02:38 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 227 KB
78 KB 101ms
34ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 16b0024d58d87c8e947ab32a0cc821c49742f166d16f56841743cb1321e69b19

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 23:55:31 GMT
server: AmazonS3
x-amz-request-id: 3D69ED45AB3A484E
etag: "6504555cb39be778f3f5b82e8ecfe9f4"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21745
accept-ranges: bytes
content-length: 79864
x-amz-id-2: bJA9CGBFs5nIpvoHpZREHUEUfJE2oitroNKNutmNQeDKF+me5Z6whDdPFc7dlEOCxMvpDbXTwmc=

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202009241526/ 156 KB
51 KB 31ms
31ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202009241526/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b4e202f1d3388754c2cea940e1c86612f0f9bb61886973d97ade599adab7ac

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: gzip
Age: 68
X-Cache: HIT
Connection: keep-alive
Content-Length: 51646
x-amz-id-2: p+wuEDCuJWr/8g50ujRY0kJmZ67J5pCT3cG1BU4TtsLkzkLodZ048l88/CkWR5VjxdDGf/hlD+s=
X-Served-By: cache-hhn4080-HHN
Last-Modified: Thu, 24 Sep 2020 20:30:39 GMT
Server: AmazonS3
X-Timer: S1601503359.731576,VS0,VE0
ETag: "0cea574dd501306c77b63eac3cf917a9"
x-amz-request-id: 6CC5A2650350B3B1
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 84

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202009241526/ 62 KB
22 KB 76ms
31ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202009241526/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bef0496bcfb29ed7195b5688e1ed12d05351c7ab6a99d4bdc2bc3671a373c9ba

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Content-Encoding: gzip
Age: 247
X-Cache: HIT
Connection: keep-alive
Content-Length: 21494
x-amz-id-2: ubZHN3qi4wjiGJSQ1CV75bFuwX/Vqb7Vbfk/VrezZXoudZz2VkOfGsYuU8Hmklf4exXgi4Ij76A=
X-Served-By: cache-hhn4080-HHN
Last-Modified: Thu, 24 Sep 2020 20:30:40 GMT
Server: AmazonS3
X-Timer: S1601503359.776581,VS0,VE0
ETag: "fbeceb2f6a4b4e85b160899f8c158053"
x-amz-request-id: 3EC04FF312F2319D
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 136

GET
H2 200 default-d0c47e9e38-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 57 KB
14 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/default-d0c47e9e38-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0cfe76357d6b81d716ea7824fd1aafb3776d540c531b47f09aa2554e604eca05

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224548
status: 200
vary: Accept-Encoding
content-length: 14670
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Sep 2020 15:27:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6ffddd1228adae3e8a8cf4b51aa2f993"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Oct 2020 07:32:57 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
1 KB 159ms
158ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/f2ef76-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24f7911ec7b278dfa88b349d9716b6c3cdaa69c02b2c5bcd9885a1055985a777

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Wed, 30 Sep 2020 22:02:38 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: 53ab63d7-8ec2-491b-a244-a017469f261c
content-type: application/json
status: 200
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

results.txt Show response
kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net/eum/ Frame CED0
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pspmcqd0h
https://kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

125ms
32ms

XHR
text/plain

72.247.178.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 72.247.178.19 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a72-247-178-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Wed, 30 Sep 2020 22:02:38 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net/eum/ Frame CED0
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pspmcqd0h
https://fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

65ms
4ms

XHR
text/plain

2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 22:02:38 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net/eum/results.txt
Date: Wed, 30 Sep 2020 22:02:38 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 263 B
437 B 160ms
67ms Script
text/html 18.132.99.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-%2F&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_31796112
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.99.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-99-227.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 59e0ce1a8845105ac3ee400dc10abf2d36be9e52c7beb5f2720af1283664dbb3

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:39 GMT
server: TornadoServer/4.5.3
etag: "710daa86ca9ced849e5a5b42c941656d6f05d6a3"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 263

GET
H2 200 n.js Show response
geo.moatads.com/ 126 B
300 B 158ms
53ms Script
text/html 52.16.26.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1601503358836&de=713480507699&rx=163337829586&m=0&ar=3ad1957-clean&iw=0b4ad6e&q=1&cb=0&cu=1601503358836&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1226%3A1226%3A1264%3A1219&fs=183802&na=1103082144&cs=0&callback=DOMlessLLDcallback_31796112
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-26-2.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 3c0587a1ad6b79af37a753f1403a61ff500da2c2b2babd8cb5db27dcb66b06d8

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:39 GMT
server: TornadoServer/4.5.3
etag: "cab857b023863e95bb125e31ad7b649825f2fe6e"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 126

GET
H2 200 n.js Show response
geo.moatads.com/ 127 B
303 B 157ms
52ms Script
text/html 52.16.26.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1601503358836&de=713480507699&rx=163337829586&m=0&ar=3ad1957-clean&iw=0b4ad6e&q=2&cb=0&cu=1601503358836&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1226%3A1226%3A1264%3A1219&fs=183802&na=836032353&cs=0&callback=MoatDataJsonpRequest_31796112
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-26-2.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: fdcb4287976a495a807d3471e29576eb3ed1c220937b213b8774f8e7723bfdaa

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 22:02:39 GMT
server: TornadoServer/4.5.3
etag: "397bc525293487d4bf0f3b0a13547985d1faf7fb"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 127

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 44ms
42ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1601503358836&de=525220411666&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=3ad1957-clean&iw=0b4ad6e&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Fgeorgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-&ac=1&bq=11&f=0&na=1689076083&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 22:02:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 30 Sep 2020 22:02:38 GMT

POST
H/1.1 204
No Content /
684d0d38.akstat.io/ 0
354 B 289ms
275ms Other
image/gif 2a02:26f0:f1:29b::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684d0d38.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:f1:29b::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Sep 2020 22:02:39 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Wed, 30 Sep 2020 22:02:39 GMT

POST
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam.nr-data.net/events/1/ 24 B
180 B 121ms
121ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1177.96a4d39&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFmICXlVHcABYRRZCXXtNCFRcVgwhXFcCRVRNAgNCQlxEI1xQF0VKXGgHV1U%3D&rst=11403&ck=1&ref=https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1177.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zdnet.com/	1970-01-19 13:01:48	Name: RT Value: "z=1&dm=zdnet.com&si=iae0xbhzaaq&ss=kfpxqzrb&sl=0&tt=0"
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1970-01-19 13:01:48	Name: fly_device Value: desktop
.zdnet.com/	1970-01-19 13:01:48	Name: fly_geo Value: {"countryCode": "de"}

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 394) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	info	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 379) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 237) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 237) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 88) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 88) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 237) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 237) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-/(Line 237) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684d0d38.akstat.io
at.cbsi.com
bam.nr-data.net
c.go-mpulse.net
cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
fiaqj6absjkbikqbasqbgoaafbpxkad6-pspmcq-4c8059389-clienttons-s.akamaihd.net
geo.moatads.com
geolocation.onetrust.com
js-agent.newrelic.com
kjtbj22i66zcax3vab7a-pspmcq-cf2eeb532-clientnsv4-s.akamaihd.net
mb.moatads.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
securepubads.g.doubleclick.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
151.101.113.194
151.101.114.110
151.101.65.188
162.247.242.20
172.217.23.162
18.132.99.227
2.21.38.40
2606:4700:10::6814:b944
2606:4700::6810:9440
2a01:4a0:1338:28::c38a:ff11
2a01:4a0:1338:28::c38a:ff18
2a02:26f0:6c00:192::11a6
2a02:26f0:f1:29b::11a6
2a04:4e42:1b::444
34.102.213.242
52.16.26.2
72.247.178.19
72.247.178.32
03f515b478fe0b05e19d3a4bdfc288892709860c909bdf96bc7ed70823ae848b
043334a3b53a20272803ebd25d336a9fce14549c76660a3c70bc2aff99108c76
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cfe76357d6b81d716ea7824fd1aafb3776d540c531b47f09aa2554e604eca05
12b4e202f1d3388754c2cea940e1c86612f0f9bb61886973d97ade599adab7ac
16b0024d58d87c8e947ab32a0cc821c49742f166d16f56841743cb1321e69b19
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1e187afd7f6eb7bf81a312484e9e20ae4a7bd5025bcd14ad60b5d409d87f9432
2154546b704f7d5c6e5591d881ab658002274121117419717ddcff13f3082482
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
24f7911ec7b278dfa88b349d9716b6c3cdaa69c02b2c5bcd9885a1055985a777
2b8993fdbbdbaa7c7772ab67af2f8b35b483c220d2370f60fa53b436a220844a
2bab2a7d9ae09a563ec869df70ac7593ca3d454dcb5599a289fd576a4cdea613
396197a350c5f917f454cb764fa31f624d64f8fbac73445c4d2862bad7ca22bf
3c0587a1ad6b79af37a753f1403a61ff500da2c2b2babd8cb5db27dcb66b06d8
526ff6ea2b855832cbf56ba8224802e6733809956f095e906508685118260b70
59e0ce1a8845105ac3ee400dc10abf2d36be9e52c7beb5f2720af1283664dbb3
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
5ee26698ba715b7f02f6741abe5e5961af3c14623793ead7fc87586ec4c6cfc1
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
600ef47607b28374602e53064f1113581f3c13617153a147d143ce399bb15fc4
62240b053e936a4d203bb2f5aab431156162657bfc0a814bc3b5229890c9a1c4
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
74f471f0cd1247d01fbb806a2ea70ca21ab2237a0077a6a849510a9542c69f2b
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
91be959887e9b943a95b97f808556ab250ceec7f3a88a78169adc44c16b9c702
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
968ede1bc7a993d7e204a461d70f4d0b353997581d96ecad31fb73084af9f08a
9e80376975d3f98601d3a30ae895cf2e208b2eb8721e2148cafb68199bc4b5aa
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b1f579e670be15d02e597a6e56446cfa817823f405c53c1dff7687778db77365
bef0496bcfb29ed7195b5688e1ed12d05351c7ab6a99d4bdc2bc3671a373c9ba
c37128d7c136878ba67aee6533465497848a8915cec7ce8b4ec38b09d78a830f
c962a3b7cfe8a48c590acfe1518f14455d788d4b6e5e81a10e71bf04a1a3847e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0eb226d970ba7502652aee8562131bbbe53f2230eead3a758e34c7a64dda060
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4eb8300951b9f5d55b9733e79b44fe6ac49a4b1ea8060423823de627c35800
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
edbf1f4010bce7fb96109fe3251af567c7df334ac770b4fb5afd2a0e81e6d2fb
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f41d262f537f1329c6064a806883f5190553aab846f9502fcbc1019733084712
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fdcb4287976a495a807d3471e29576eb3ed1c220937b213b8774f8e7723bfdaa
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

49 Requests

100 %HTTPS

39 %IPv6

13 Domains

24 Subdomains

17 IPs

6 Countries

1273 kBTransfer

3789 kBSize

5 Cookies

26 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

39 %
IPv6

13
Domains

24
Subdomains

17
IPs

6
Countries

1273 kB
Transfer

3789 kB
Size

5
Cookies

49 HTTP transactions
7 data transactions