gblock.greenhousedata.com Open in urlscan Pro
207.189.124.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/uCe-Cxk79gSjWJJiBEq04?domain=gblock.greenhousedata.com
Effective URL:
https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Cl...
Submission: On January 16 via manual (January 16th 2020, 11:25:08 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 207.189.124.49, located in United States and belongs to ASN-VINS - ViaWest, US. The main domain is gblock.greenhousedata.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 9th 2018. Valid for: 2 years.

This is the only time gblock.greenhousedata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.64 207.211.31.64	14135 (NAVISITE-...) (NAVISITE-EAST-2 - Navisite)
12 14	207.189.124.49 207.189.124.49	13649 (ASN-VINS) (ASN-VINS - ViaWest)
14	13.224.196.129 13.224.196.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	68.168.245.251 68.168.245.251	33561 (GREENHOUS...) (GREENHOUSE-WY - Green House Data)
17	3

2 207.211.31.64 (United States) 2 redirects

ASN14135 (NAVISITE-EAST-2 - Navisite, Inc., US)

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 207.189.124.49 (United States) 12 redirects

ASN13649 (ASN-VINS - ViaWest, US)

gblock.greenhousedata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.224.196.129 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-129.fra2.r.cloudfront.net

ci49.aocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2w6xpi8n6bm6u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.168.245.251 (Laramie, United States)

ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US)
PTR: 68.168.245.251.STATIC.GREENHOUSEDATA.NET

www.greenhousedata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	greenhousedata.com 12 redirects gblock.greenhousedata.com www.greenhousedata.com	66 KB
11	aocdn.net ci49.aocdn.net	19 KB
3	cloudfront.net d2w6xpi8n6bm6u.cloudfront.net	6 KB
2	mimecast.com 2 redirects protect-us.mimecast.com	1 KB
17	4

	Domain	Requested by
14	gblock.greenhousedata.com	12 redirects gblock.greenhousedata.com
11	ci49.aocdn.net	gblock.greenhousedata.com
3	d2w6xpi8n6bm6u.cloudfront.net	gblock.greenhousedata.com
2	protect-us.mimecast.com	2 redirects
1	www.greenhousedata.com	gblock.greenhousedata.com
17	5

This site contains no links.

Subject Issuer	Validity	Valid
gblock.greenhousedata.com Go Daddy Secure Certificate Authority - G2	`2018-04-09` - `2020-04-14`	2 years	crt.sh
*.actonsoftware.com Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.greenhousedata.com Go Daddy Secure Certificate Authority - G2	`2019-04-18` - `2021-04-21`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ
Frame ID: E45ABF93F1BFA7DF0D316CAE04D8266B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-us.mimecast.com/s/uCe-Cxk79gSjWJJiBEq04?domain=gblock.greenhousedata.com HTTP 307
https://protect-us.mimecast.com/redirect/eNplUV2r1DAQ_Ssl4Nu2TbL92C6IdxXx5SreXeuDFEo2Hbu1zQfJVEXxvzvVi4g-JMy... HTTP 307
https://gblock.greenhousedata.com/acton/ct/7540/s-194d-1909/Bct/l-sf-lead-000c/l-sf-lead-000c:7c0c6/ct0_0/1?si... HTTP 302
https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPrepare... Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

89 kB
Transfer

83 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/uCe-Cxk79gSjWJJiBEq04?domain=gblock.greenhousedata.com HTTP 307
https://protect-us.mimecast.com/redirect/eNplUV2r1DAQ_Ssl4Nu2TbL92C6IdxXx5SreXeuDFEo2Hbu1zQfJVEXxvzvVi4g-JMycnDM5M_OdBe2RHZla4GumpzXob2q-Az_pa3AzhJhpZ9iOLU6zo9ixABomjzgZoLysGymqal9zzumNCskdgzgNFMhC8kpyWe0YGnzjBhIwzg9UbPIUSl5koqwyUdfbIdhvurI87NgaFmLcEH08dnmXj1f6f87GAGBvbo0wKFSbsy5XGp3tco1dXpcF7_KYiqYY6OJNlz_f8CWNH9MF1JCSTf1vfqw119VWgfckF8_I_tN37-WT_Sm25sGrt-sDmYNtSi8_9O1FFFUq-xft5VTzU9P01CPnQpS96NeIEIykuodUFk11qMt9XW2tKRof-6MhhHxvyA303J7vCdAkdgaC_j2pv7nRDoGg0agwA052vPt_EmzbzTg5S0QfHILGdI2ZoUVpFfGREtfrJyKclY3OfFEBkhOi0nNMzsr4pPWJs8kFFUKi7JDcO62W5JX7DMEasBjZr2W-dqulVbHHdtmPnxtss_Y HTTP 307
https://gblock.greenhousedata.com/acton/ct/7540/s-194d-1909/Bct/l-sf-lead-000c/l-sf-lead-000c:7c0c6/ct0_0/1?sid=TV2%3AsUmQpaPuQ HTTP 302
https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/2/1/t.gif HTTP 302
https://ci49.aocdn.net/acton/imgs/t/2/1/t.gif

Request Chain 1

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/3/1/t.gif HTTP 302
https://ci49.aocdn.net/acton/imgs/t/3/1/t.gif

Request Chain 2

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/594/1/t.gif HTTP 302
https://ci49.aocdn.net/acton/imgs/t/594/1/t.gif

Request Chain 3

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png HTTP 302
https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png

Request Chain 4

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t.gif HTTP 302
https://ci49.aocdn.net/acton/imgs/t.gif

Request Chain 5

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png HTTP 302
https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png

Request Chain 6

https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png HTTP 302
https://ci49.aocdn.net/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png

Request Chain 8

https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-0286/2/-/-/-/-/image.png HTTP 302
https://ci49.aocdn.net/acton/attachment/7540/f-0286/2/-/-/-/-/image.png

Request Chain 12

https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif HTTP 302
https://ci49.aocdn.net/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif

Request Chain 14

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png HTTP 302
https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png

Request Chain 15

https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png HTTP 302
https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set showPreparedMessage Show response gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/ Redirect Chain https://protect-us.mimecast.com/s/uCe-Cxk79gSjWJJiBEq04?domain=gblock.greenhousedata.com https://protect-us.mimecast.com/redirect/eNplUV2r1DAQ_Ssl4Nu2TbL92C6IdxXx5SreXeuDFEo2Hbu1zQfJVEXxvzvVi4g-JMycnDM5M_OdBe2RHZla4GumpzXob2q-Az_pa3AzhJhpZ9iOLU6zo9ixABomjzgZoLysGymqal9zzumNCskdgzgNFMhC... https://gblock.greenhousedata.com/acton/ct/7540/s-194d-1909/Bct/l-sf-lead-000c/l-sf-lead-000c:7c0c6/ct0_0/1?sid=TV2%3AsUmQpaPuQ https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20Sta...	43 KB 43 KB	688ms 180ms	Document text/html	207.189.124.49 ViaWest
General Check archive.org Show headers Download Go to Full URL https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.189.124.49 , United States, ASN13649 (ASN-VINS - ViaWest, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `95604b0fccbfe49b0c1796fb78edc7fabb27168ad4cb9a4f0123c68fdb86af6f` Request headers Host gblock.greenhousedata.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Cookie wp7540="AYXTDs-lM-sLHK-TTTJ:AJTJZDtlnDl-UCXK-UCTCDDDWBJBHXDgNssDDLFl-UCXK-UCTCFJmT_T^UYACVUATBC" Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Response headers Server Apache-Coyote/1.1 Set-Cookie JSESSIONID=833BD4312C081A161134DE07C518DC0C; Path=/acton/; Secure; HttpOnly Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Date Thu, 16 Jan 2020 23:24:49 GMT Connection close Redirect headers Server Apache-Coyote/1.1 Set-Cookie wp7540="AYXTDs-lM-sLHK-TTTJ:AJTJZDtlnDl-UCXK-UCTCDDDWBJBHXDgNssDDLFl-UCXK-UCTCFJmT_T^UYACVUATBC"; Version=1; Domain=.greenhousedata.com; Max-Age=31536000; Expires=Fri, 15-Jan-2021 23:24:49 GMT; Path=/ P3P CP="ALL CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Content-Length 0 Date Thu, 16 Jan 2020 23:24:48 GMT Connection close
GET H/1.1	200 OK	t.gif ci49.aocdn.net/acton/imgs/t/2/1/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/2/1/t.gif https://ci49.aocdn.net/acton/imgs/t/2/1/t.gif	43 B 377 B	91ms 21ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/t/2/1/t.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `d935b0e09e536d72eb4486b967514f6c3a5407d81363387997b61ad5365da122` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15212 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 43 X-Amz-Cf-Id 2zmw4dtsMIWlym2_H806GbM7sJYwr7_PjNGSnfqspS8cYIw0eCOEoQ== Redirect headers Location https://ci49.aocdn.net/acton/imgs/t/2/1/t.gif Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	t.gif ci49.aocdn.net/acton/imgs/t/3/1/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/3/1/t.gif https://ci49.aocdn.net/acton/imgs/t/3/1/t.gif	43 B 377 B	21ms 21ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/t/3/1/t.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `6057780775b7debb0f88b78111f6b2e21a3adb49fbb3132e328831e430a086a0` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15211 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 43 X-Amz-Cf-Id gFF7cc0FTU6Rd3i99fu7g85E9CJlkzQn_QwpXXE3-K8orYDZlg9VSA== Redirect headers Location https://ci49.aocdn.net/acton/imgs/t/3/1/t.gif Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	t.gif ci49.aocdn.net/acton/imgs/t/594/1/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t/594/1/t.gif https://ci49.aocdn.net/acton/imgs/t/594/1/t.gif	63 B 397 B	23ms 22ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/t/594/1/t.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `84979635b7a4ee7b3dcc2999889542462028a3fa187ae3cd83cd0ac9a4024d77` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15212 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 63 X-Amz-Cf-Id F9qQyKrDBSmnMwNhu1WWTptnIEUDgrHWw_MPc_oWhxa2s5_RWAygXQ== Redirect headers Location https://ci49.aocdn.net/acton/imgs/t/594/1/t.gif Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	c.png ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png	142 B 477 B	45ms 21ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `17ee34a47bae484d1eae8f9f8e25202197c7684b54cfea2cfe59dec95ab1de16` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15211 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 142 X-Amz-Cf-Id tn8QMhaBSaZpcEqvrS4gc1mIAVx6__jvjJ8IEiZyzKgbLiXu2zfxkQ== Redirect headers Location https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tl/c.png Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	t.gif ci49.aocdn.net/acton/imgs/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/t.gif https://ci49.aocdn.net/acton/imgs/t.gif	43 B 416 B	42ms 21ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/t.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 06:39:08 GMT Via 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 60342 X-Cache Hit from cloudfront Content-Type image/gif;charset=UTF-8 X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 43 X-Amz-Cf-Id V9gaXwMYvFzebAKr-eavn2AYJr9nYcmyT72TQm-3SY6MUR30N1Uvyw== Redirect headers Location https://ci49.aocdn.net/acton/imgs/t.gif Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	c.png ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png	140 B 475 B	41ms 21ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `7b1d6c6fd4bad6e6715bd625ef32560dcb6ed11925266344be0fa8834473863c` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15211 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 140 X-Amz-Cf-Id mrI-QxDXeF--2cBW60QfemKlXUidsw83q0j5SDbzoVOThTnKZaH4Pw== Redirect headers Location https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/tr/c.png Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	image.png ci49.aocdn.net/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png https://ci49.aocdn.net/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png	10 KB 11 KB	725ms 628ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `98cd19747b3763956598df3012b367e653fbc52434ad5128dba3a9c592220db6` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Content-Type image/png;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 10698 X-Amz-Cf-Id X8C8fAKWmoPCuSj2SbLOjEs9-_pqjlUtz4TH3Xh4gsVXNmWt4jti0Q== Expires Fri, 17 Jan 2020 00:24:51 GMT Redirect headers Location https://ci49.aocdn.net/acton/attachment/7540/f-7c9bf03f-afa9-44da-8fc9-141bbf442b77/2/-/-/-/-/image.png Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	government-ransomware_400_285.png www.greenhousedata.com/assets/made/uploads/images/blog/	20 KB 21 KB	562ms 140ms	Image image/png	68.168.245.251 Green House Data
General Check archive.org Show headers Download Go to Show image Full URL https://www.greenhousedata.com/assets/made/uploads/images/blog/government-ransomware_400_285.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 68.168.245.251 Laramie, United States, ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US), Reverse DNS 68.168.245.251.STATIC.GREENHOUSEDATA.NET Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.10 / Resource Hash `f1efa17e2c465bfd2862155367cdce6a68b21bb794ce3b2fc05933255a27c11b` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:50 GMT Last-Modified Wed, 28 Aug 2019 08:15:40 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.10 Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 20786 Expires Sat, 15 Feb 2020 23:24:50 GMT
GET H/1.1	200 OK	image.png ci49.aocdn.net/acton/attachment/7540/f-0286/2/-/-/-/-/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-0286/2/-/-/-/-/image.png https://ci49.aocdn.net/acton/attachment/7540/f-0286/2/-/-/-/-/image.png	2 KB 3 KB	852ms 754ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/attachment/7540/f-0286/2/-/-/-/-/image.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `ddeac0b1b6254f3e789cec795eaf1a313ab3cf8f131cfb87ef85e84ded87b532` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Content-Type image/png;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 2361 X-Amz-Cf-Id hV2NIpc_ZSNc68gA-t9PigiVB-UbNP193wZu1S2BKzq6_UIRUOhY2A== Expires Fri, 17 Jan 2020 00:24:51 GMT Redirect headers Location https://ci49.aocdn.net/acton/attachment/7540/f-0286/2/-/-/-/-/image.png Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	twitter_icon.gif d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-0071/1/-/-/-/-/	1 KB 2 KB	866ms 767ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-0071/1/-/-/-/-/twitter_icon.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `27c914f3080287ca74f01e79edc7ccb1c302f4353ccde31a23ccce2552340b05` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Content-Type image/gif;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 1514 X-Amz-Cf-Id WPo6w1ipLb8_nYUI8Tye2ADV9mRaueYRt7iv2Mh86HdGt_34TpEYuw== Expires Fri, 17 Jan 2020 00:24:51 GMT
GET H/1.1	200 OK	facebook_icon.gif d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-002f/1/-/-/-/-/	1 KB 2 KB	869ms 770ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-002f/1/-/-/-/-/facebook_icon.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `eeb26c1adc931ab1edda514708c2a48d91687377c5af0ce791166853e3bd2cda` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Content-Type image/gif;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 1384 X-Amz-Cf-Id 3zZHEd-N0VaUYCCm5ACbFa10MOWcwBFmiJC88sOZAvkarNtnsCjsow== Expires Fri, 17 Jan 2020 00:24:51 GMT
GET H/1.1	200 OK	linked-in-icon.jpg d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-01fb/1/-/-/-/-/	2 KB 2 KB	872ms 774ms	Image image/jpeg	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2w6xpi8n6bm6u.cloudfront.net/acton/attachment/7540/f-01fb/1/-/-/-/-/linked-in-icon.jpg Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `adae024f62738104eeb67aa18cc46c6ba14faaa30ed51eddce1bf5cae42c2852` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Content-Type image/jpeg;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 1602 X-Amz-Cf-Id AxTT2Jw-WE2A7tJ0AGVMEhMKunnaRTUqJ389Et3d6oKUYMIBoQ3C7w== Expires Fri, 17 Jan 2020 00:24:51 GMT
GET H/1.1	200 OK	image.gif ci49.aocdn.net/acton/attachment/7540/f-008b/1/-/-/-/-/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif https://ci49.aocdn.net/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif	2 KB 2 KB	964ms 884ms	Image image/gif	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `e672f4f2dac5f46319f15324034b0d807264e0bc0b2ee364d7f056ea8b56cb69` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:51 GMT Via 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 X-Amz-Cf-Pop FRA2-C1 X-Cache Miss from cloudfront Content-Type image/gif;charset=UTF-8 Cache-Control PUBLIC, max-age=3600, must-revalidate Connection keep-alive Content-Length 1733 X-Amz-Cf-Id eY0mBvCccam_7JV-BrbyouveXj2tTfeuYrZMoKFJQBl8qEX_hJiQGw== Expires Fri, 17 Jan 2020 00:24:51 GMT Redirect headers Location https://ci49.aocdn.net/acton/attachment/7540/f-008b/1/-/-/-/-/image.gif Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	endline.gif gblock.greenhousedata.com/acton/o/7540/s-194d-1909/l-sf-lead-000c:7c0c6/l-sf-lead-000c/UVADTDTDU/	43 B 190 B	181ms 180ms	Image image/gif	207.189.124.49 ViaWest
General Check archive.org Show headers Download Go to Show image Full URL https://gblock.greenhousedata.com/acton/o/7540/s-194d-1909/l-sf-lead-000c:7c0c6/l-sf-lead-000c/UVADTDTDU/endline.gif Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.189.124.49 , United States, ASN13649 (ASN-VINS - ViaWest, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 23:24:50 GMT Server Apache-Coyote/1.1 Connection close Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	c.png ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png	136 B 471 B	22ms 21ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `dffe619fcd04ec0bddafdf4c8eeaf634890fa9595f95af37e9c02c35c037eb96` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15212 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 136 X-Amz-Cf-Id zYCJtxZOV63SO6u8SwFderx66z1Imj74SfWp2O8c8_zzL2CQ8PVi7A== Redirect headers Location https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/bl/c.png Server BigIP Connection Keep-Alive Content-Length 0
GET H/1.1	200 OK	c.png ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/ Redirect Chain https://gblock.greenhousedata.com/cdnr/49/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png	140 B 475 B	23ms 23ms	Image image/png	13.224.196.129 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png Requested by Host: gblock.greenhousedata.com URL: https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `c8aa0cde5523ee52d732d78c8dec3e796a699e6bbcb2553deac4f3ea3cb9a084` Request headers Referer https://gblock.greenhousedata.com/acton/rif/7540/s-194d-1909/-/l-sf-lead-000c:7c0c6/l-sf-lead-000c/showPreparedMessage?utm_term=Click%20here&utm_campaign=Ransomware%20Attacks%20Ramp%20Up%20on%20State%20and%20Local%20Governments&utm_content=email&utm_source=Act-On+Software&utm_medium=email&sid=TV2:sUmQpaPuQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 16 Jan 2020 19:11:18 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Age 15212 X-Cache Hit from cloudfront X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 140 X-Amz-Cf-Id ztHkoNVLdzRWnYHDjassD0Rk6jKh44v1sokZrCdgdrIHZj4lNBMq4Q== Redirect headers Location https://ci49.aocdn.net/acton/imgs/rc/2/5/FFFFFF/5F6062/FFFFFF/br/c.png Server BigIP Connection Keep-Alive Content-Length 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.greenhousedata.com/	1970-01-19 15:25:53	Name: wp7540 Value: "AYXTDs-lM-sLHK-TTTJ:AJTJZDtlnDl-UCXK-UCTCDDDWBJBHXDgNssDDLFl-UCXK-UCTCFJmT_T^UYACVUATBC"
			gblock.greenhousedata.com/acton/	1969-12-31 23:59:59	Name: JSESSIONID Value: 833BD4312C081A161134DE07C518DC0C

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ci49.aocdn.net
d2w6xpi8n6bm6u.cloudfront.net
gblock.greenhousedata.com
protect-us.mimecast.com
www.greenhousedata.com
13.224.196.129
207.189.124.49
207.211.31.64
68.168.245.251
17ee34a47bae484d1eae8f9f8e25202197c7684b54cfea2cfe59dec95ab1de16
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
27c914f3080287ca74f01e79edc7ccb1c302f4353ccde31a23ccce2552340b05
6057780775b7debb0f88b78111f6b2e21a3adb49fbb3132e328831e430a086a0
7b1d6c6fd4bad6e6715bd625ef32560dcb6ed11925266344be0fa8834473863c
84979635b7a4ee7b3dcc2999889542462028a3fa187ae3cd83cd0ac9a4024d77
95604b0fccbfe49b0c1796fb78edc7fabb27168ad4cb9a4f0123c68fdb86af6f
98cd19747b3763956598df3012b367e653fbc52434ad5128dba3a9c592220db6
adae024f62738104eeb67aa18cc46c6ba14faaa30ed51eddce1bf5cae42c2852
c8aa0cde5523ee52d732d78c8dec3e796a699e6bbcb2553deac4f3ea3cb9a084
d935b0e09e536d72eb4486b967514f6c3a5407d81363387997b61ad5365da122
ddeac0b1b6254f3e789cec795eaf1a313ab3cf8f131cfb87ef85e84ded87b532
dffe619fcd04ec0bddafdf4c8eeaf634890fa9595f95af37e9c02c35c037eb96
e672f4f2dac5f46319f15324034b0d807264e0bc0b2ee364d7f056ea8b56cb69
eeb26c1adc931ab1edda514708c2a48d91687377c5af0ce791166853e3bd2cda
f1efa17e2c465bfd2862155367cdce6a68b21bb794ce3b2fc05933255a27c11b

gblock.greenhousedata.com Open in urlscan Pro 207.189.124.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

89 kBTransfer

83 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

gblock.greenhousedata.com Open in urlscan Pro
207.189.124.49 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

89 kB
Transfer

83 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions