URL: https://www.scmagazine.com/home/security-news/ransomware/
Submission: On May 06 via api from CH

Summary

This website contacted 37 IPs in 5 countries across 31 domains to perform 211 HTTP transactions. The main IP is 52.86.64.17, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.scmagazine.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on September 6th 2018. Valid for: a year.
This is the only time www.scmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 52.86.64.17 14618 (AMAZON-AES)
30 94.31.29.64 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
3 52.216.128.141 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 16 172.217.23.130 15169 (GOOGLE)
1 151.101.120.134 54113 (FASTLY)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:1f14:e96... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2600:9000:200... 16509 (AMAZON-02)
3 6 38.126.130.202 1422 (MEDIA6-ASN)
63 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 34.196.223.248 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 8 54.171.224.12 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.235.53.91 14618 (AMAZON-AES)
1 34.196.212.82 14618 (AMAZON-AES)
1 143.204.214.92 16509 (AMAZON-02)
1 1 95.101.194.150 16625 (AKAMAI-AS)
2 2 34.95.92.78 15169 (GOOGLE)
2 2 2.21.37.45 20940 (AKAMAI-ASN1)
2 2 34.242.41.222 16509 (AMAZON-02)
2 3 18.195.251.148 16509 (AMAZON-02)
2 7 2600:1f14:e96... 16509 (AMAZON-02)
1 35.227.192.113 15169 (GOOGLE)
2 3 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:109:c002... 14413 (LINKEDIN)
4 52.5.96.203 14618 (AMAZON-AES)
2 2 54.154.211.245 16509 (AMAZON-02)
2 54.184.89.98 16509 (AMAZON-02)
3 12 2600:1f14:e96... 16509 (AMAZON-02)
3 54.191.148.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
211 37
Apex Domain
Subdomains
Transfer
64 lytics.io
c.lytics.io
api.lytics.io
47 KB
30 netdna-ssl.com
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
772 KB
29 b2c.com
api.b2c.com
api-54-184-89-98.b2c.com
api-54-191-148-31.b2c.com
33 KB
16 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
127 KB
12 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
185 KB
9 ml314.com
ml314.com
in.ml314.com
16 KB
7 feathr.co
cdn.feathr.co
polo.feathr.co
marco.feathr.co
polo-v1.feathr.co
29 KB
6 googletagservices.com
www.googletagservices.com
151 KB
5 google-analytics.com
www.google-analytics.com
37 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
4 google.com
adservice.google.com
www.google.com
773 B
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
42 KB
4 scmagazine.com
www.scmagazine.com
26 KB
3 eyeota.net
ps.eyeota.net
875 B
3 media6degrees.com
action.media6degrees.com
1012 B
3 dstillery.com
action.dstillery.com
1 KB
3 google.de
adservice.google.de
www.google.de
389 B
3 amazonaws.com
s3.amazonaws.com
856 KB
2 adsrvr.org
match.adsrvr.org
884 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 mathtag.com
pixel.mathtag.com
1 KB
2 rlcdn.com
idsync.rlcdn.com
659 B
2 googleapis.com
fonts.googleapis.com
982 B
1 bluekai.com
tags.bluekai.com
787 B
1 chartbeat.net
ping.chartbeat.net
168 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 licdn.com
snap.licdn.com
5 KB
1 crazyegg.com
script.crazyegg.com
28 KB
1 disqus.com
scmagazineus.disqus.com
1 KB
1 maropost.com
content.maropost.com
3 KB
1 googletagmanager.com
www.googletagmanager.com
27 KB
211 31
Domain Requested by
63 c.lytics.io 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
c.lytics.io
www.scmagazine.com
30 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com www.scmagazine.com
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
15 api-54-191-148-31.b2c.com 3 redirects www.scmagazine.com
14 securepubads.g.doubleclick.net 1 redirects www.googletagservices.com
securepubads.g.doubleclick.net
www.scmagazine.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.scmagazine.com
9 api-54-184-89-98.b2c.com 2 redirects www.scmagazine.com
8 ml314.com 2 redirects www.scmagazine.com
ml314.com
6 www.googletagservices.com www.scmagazine.com
securepubads.g.doubleclick.net
5 api.b2c.com www.googletagmanager.com
securepubads.g.doubleclick.net
5 www.google-analytics.com 2 redirects www.googletagmanager.com
www.google-analytics.com
4 polo.feathr.co cdn.feathr.co
www.scmagazine.com
4 www.scmagazine.com 1 redirects 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
3 px.ads.linkedin.com 2 redirects www.scmagazine.com
3 ps.eyeota.net 2 redirects www.scmagazine.com
3 www.google.com 2 redirects securepubads.g.doubleclick.net
3 action.media6degrees.com www.scmagazine.com
3 action.dstillery.com 3 redirects
3 fonts.gstatic.com www.scmagazine.com
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
3 s3.amazonaws.com www.scmagazine.com
2 pagead2.googlesyndication.com www.scmagazine.com
2 match.adsrvr.org 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel.mathtag.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 www.google.de www.scmagazine.com
2 stats.g.doubleclick.net 2 redirects
2 fonts.googleapis.com www.scmagazine.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 polo-v1.feathr.co www.scmagazine.com
1 www.linkedin.com 1 redirects
1 api.lytics.io c.lytics.io
1 tags.bluekai.com 1 redirects
1 marco.feathr.co www.scmagazine.com
1 in.ml314.com ml314.com
1 cdn.feathr.co 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
1 ping.chartbeat.net www.scmagazine.com
1 static.chartbeat.com www.scmagazine.com
1 snap.licdn.com www.scmagazine.com
1 script.crazyegg.com www.googletagmanager.com
1 scmagazineus.disqus.com 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 content.maropost.com www.scmagazine.com
1 www.googletagmanager.com www.scmagazine.com
211 44
Subject Issuer Validity Valid
*.scmagazine.com
Trusted Secure Certificate Authority 5
2018-09-06 -
2019-09-06
a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-18 -
2020-02-27
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
content.maropost.com
Amazon
2018-10-25 -
2019-11-25
a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-12-03 -
2019-10-25
a year crt.sh
*.google.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA
2018-03-28 -
2020-04-27
2 years crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-12-20 -
2019-09-18
9 months crt.sh
*.b2c.com
Amazon
2019-03-24 -
2020-04-24
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2
2019-04-10 -
2020-04-10
a year crt.sh
dstillery.com
COMODO RSA Domain Validation Secure Server CA
2018-01-18 -
2021-04-17
3 years crt.sh
ssl379818.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-02-15 -
2019-08-24
6 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2018-12-20 -
2020-01-01
a year crt.sh
ssl379779.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-09 -
2019-07-18
6 months crt.sh
*.ml314.com
Amazon
2019-03-16 -
2020-04-16
a year crt.sh
www.google.de
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
polo.feathr.co
Let's Encrypt Authority X3
2019-04-01 -
2019-06-30
3 months crt.sh
marco.feathr.co
Amazon
2018-10-18 -
2019-11-18
a year crt.sh
www.eyeota.com
COMODO RSA Domain Validation Secure Server CA
2018-02-12 -
2021-02-11
3 years crt.sh
b2c.com
Let's Encrypt Authority X3
2019-04-23 -
2019-07-22
3 months crt.sh
*.lytics.io
RapidSSL TLS RSA CA G1
2018-01-26 -
2020-01-06
2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2017-06-06 -
2019-06-11
2 years crt.sh
polo-v1.feathr.co
Let's Encrypt Authority X3
2019-04-20 -
2019-07-19
3 months crt.sh
www.google.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.scmagazine.com/home/security-news/ransomware/
Frame ID: 79573978BCBF1777F028557645C412C9
Requests: 170 HTTP requests in this frame

Frame: data://truncated
Frame ID: F651D29415A45B9E4A33425FF83E8668
Requests: 1 HTTP requests in this frame

Frame: https://api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/2667d42f2a68aa694f03b881af943ebd?segments=true&mergestate=true&ts=1557138551429
Frame ID: EE487AAE2372EC90CE6A5B54EC8DF08A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1PptvKAL1YYaGiEHuzhoSVH84LTGSs3lbl69oG7dkAdb0sVOOp2glWLCAC1HLFONIAXltJ91T4BlT_FMZacislXqokKaHM2kr_ly_AeYY4P0cM6RIxcDy0wFCWkiTo5TdGZyBC-PjekNYBcLd2jSLndVUfL2u436tsuHaMwwlvtC91YfJf6uKSzzKD2DvaIzIGpVmM_N7W-FMuiLMJbPka-A8tTdeNLWI1FU3338I45kPhMg37mtWXcXaPvBO7HCV5sUS43DVszIbYlrEabKrNJhW3fIM4Msq03H8p_fh_5Gbxfw&sai=AMfl-YS0OeIMikiFN59Op_SKot8q_jEkWIorJ0SwGKZ_qKGGeQhmuQLQLZYLJl_YVfJK6miUCGrBuGNvEI_7KUaXtDS1GP8bWC4MUdiL7qjMpTHySddV-LhP9kB1GNIE&sig=Cg0ArKJSzG5Ch-sdpzffEAE&adurl=
Frame ID: A521635A56CB17F311F75E8938FCF928
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtElhAlWQKNk0kUMJWcFFrP3VkGG4NgxLQGA5lrXhFfoVxSKFaG3GtV0vYLW8caRVeSJiQvvoWgcek7jfZQx16Y7roNldkZRadvHAT_Rz14mkdDmysXxu_cX5qcApTsGzru1Swch5j8QDZPxBV1gyzqvrrcsQNJH57GmepYp3m5SeP_RYuGgYxkZop7E1gER0Sek_zhZWFWCv6vkUAFQwOi8nClvhm0QeQFXM4aTIq0zwqf9RzEibnlwL_5EKpXfJtVkasuO40JBa28Q22SMa8TZmUWFb2CnsPnfCRuqoYHLRh--dioXE&sai=AMfl-YQ5nl46OWKgiDhrtWzR3z8ad_AoeXywmLYWZPOQmEAaexHIckbJhN2w1Gc9qiNJezkRy6CPQuK-PsZdQs8Wjklc6DEFSz8MOY08DXnDr03OeO-2eeTADQRnaNBu&sig=Cg0ArKJSzAAdnDE-M__MEAE&adurl=
Frame ID: 36418443325A6EC35A4A02259EA3A6AF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrQ1jeI5JknErfg__Au1AhI4fqDXbeZZrkOs7XVKbqKJMH6P9WaPMQ66qU_Or_osRU1NGpi6akG0UxZhIX1mrv-om8_qE75HFXA7o_mkW8BWT0o7ZVvaQaVUYQ0x6-xRsAIJN55OA-h3ptJX9R_gKldTzBft_KYtVH0N6BH5WrZJW7adZRiz5L9qiQjPazDimLaLijocyzyPA19ybpfelgUhDPrLHr5OQmiyuhuCVmpf4fWrMl8Ctf67UjGVda2pSh0he9YkjJve1a4aalL4piSNw8TtZnvUHf-Q&sai=AMfl-YSslUgheO9B4FoC3foN69h7MV9JeKmK7G_yg6iGF7xm_uf2Egn_ahKZ84ac5mBG9YpzCW-QAQMEfmQog-KjxHz3VS-KhmnhFLD_5YeNJWYR3ziYcJgeEOJ8_60H&sig=Cg0ArKJSzKUVgoNmCYf3EAE&adurl=
Frame ID: F73ADBBDF8EDC6173283792D96FF3F38
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaa7XEiyaTK26-KCBkZ_Cz3P2cgAeBzwUaA1ZWfVc3T-vrjK2okFzQV5d5LFVSpdBouvYerxWeTdPAtEJxHUPGiGhL-oB1dTXbZrKicykt_8t8HO67ZvuZMHuDOAjBCKYIqQwjhvcdjn-lQPtgJlnRd9GWeGVUN0D0LmrORwx6xtGNfFA6nZl0JX3s-HL6xuWRFKOTBoTGHYO8Mz5JhcO97ljWU1CGOV0H_IBU-23fL9Adxg6VXf5JdScSsixeYz1QGGSHYOVN3gLjvh85VGEXGNxOP0KyKh44AA&sai=AMfl-YSzByI0tzD79oXBv0uJHzRT1IlIx8LIzV6LB9xPpiYd0h8R1nDrYwRSwOTrh0fw9BajvzBAycSUn_0XYu_OFleiGLQRvoAxs2Hz6JmHM5yN87WOP52s9iiDYL9x&sig=Cg0ArKJSzDOymCgn00G9EAE&adurl=
Frame ID: 8477176567F40CE14C576521F7444FF9
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.scmagazine.com/home/security-news/ransomware HTTP 301
    https://www.scmagazine.com/home/security-news/ransomware/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
  • env /^_sf_(?:endpt|async_config)$/i

Overall confidence: 100%
Detected patterns
  • env /^CE2$/i

Overall confidence: 100%
Detected patterns
  • env /^DISQUS/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^optimizely$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

211
Requests

92 %
HTTPS

51 %
IPv6

31
Domains

44
Subdomains

37
IPs

5
Countries

2398 kB
Transfer

3909 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.scmagazine.com/home/security-news/ransomware HTTP 301
    https://www.scmagazine.com/home/security-news/ransomware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 66
  • https://action.dstillery.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 67
  • https://action.dstillery.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 80
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1800705892&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAAADQ~&jid=686803991&gjid=1180557067&cid=1287632925.1557138551&tid=UA-1290429-10&_gid=357245864.1557138551&_r=1&gtm=2wg430W475TQW&cd1=&cd2=&cd3=&cd4=&cd5=section&cd6=&cd7=home&cd8=security%20news&cd9=ransomware&cd11=omn&cd12=76&cd14=false&cd15=false&cd16=false&cd17=&cd18=0&cd19=&cd31=&cd32=&cd33=&cd34=&cd35=&cd36=&cd37=undefined&cd38=undefined&cd39=undefined&cd40=&cd41=&cd42=&cd43=&cd46=&cd48=&cd50=&cd55=&cd56=11&cd57=&cd58=&cd61=false&cd62=&cd63=0&cd67=undef&cd70=false&cd77=GA1.2.1287632925.1557138551&z=235851700 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_gid=357245864.1557138551&gjid=1180557067&_v=j73&z=235851700 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700&slf_rd=1&random=1486310470
Request Chain 85
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMRf4JZMAibfc3CIlJ_t_zpTXb-zvRqM9EPaqAI02uc5XwVhSY5dIOaPMCI5dSI0gi4Nph4KQQhi8WfLb1ti8vkPAHLLeDF3a0Ol4EM4jssLE9q1hJdfaDqj1MG2Hp3rFNQdOelW7bD5oThgkW8ZEe_0gaeA47EwCVtfbvj1fYiMHvKrpE9ZDDgVKOrnc-ck4QUwhAAEUtLbbMyesLX_f2ExTBBei4N1_X3mJwP-Bko1gUIrNg-BRXl5kLwW7wwZJK5L4ZmyKGkrVxeoRWhnEmBoXhwniZ7iXSQd_5rkqTNTX_I5TTcoFi3OirzCUrf7ThRF2-RuELorn56rnNZrt4&sai=AMfl-YQik1l5UjE-7oWkiBl99PJdEewgQ45r6YBMxqs_91PMkpNbDBwG299EXjIh_QkHKU5-p1iBx--fwUxx4wN3pn-sH4GmeMf_RJiPUaWIKQ&sig=Cg0ArKJSzCBkVHDrsEFSEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHspyDXhABGAEyCGzdfeWAGUXM HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHspyDXhABGAEyCGzdfeWAGUXM
Request Chain 89
  • https://tags.bluekai.com/site/20486?limit=0&id=5978151472775359915&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151472775359915%26eid=50056 HTTP 302
  • https://ml314.com/csync.ashx?fp=mxkXJQ9999OhUBOz&person_id=5978151472775359915&eid=50056
Request Chain 90
  • https://idsync.rlcdn.com/395886.gif?partner_uid=5978151472775359915 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ3Mjc3NTM1OTkxNRAAGg0I95jA5gUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=5ab9cb9491744d7568e651a350b538d7eb1e6547b4902cd7f9d12f88f72db6e9f4cb09cee1a4f8eb&person_id=5978151472775359915&eid=50082
Request Chain 91
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151472775359915%26eid=50220 HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151472775359915%26eid=50220&mm_bnc&mm_bct HTTP 302
  • https://ml314.com/csync.ashx?fp=17af5cd0-06a5-4600-9bd8-fb87b56f4fd3&person_id=5978151472775359915&eid=50220
Request Chain 92
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151472775359915 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151472775359915 HTTP 302
  • https://ml314.com/csync.ashx?fp=f5f2415846ae7124d1c8b9334793ff7d&eid=50146&person_id=5978151472775359915
Request Chain 93
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2PC-L9kfCVzSGd1rUpe8kF5IPfu5RYdgVvCH27rIwez4&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
  • https://ml314.com/csync.ashx?fp=2PC-L9kfCVzSGd1rUpe8kF5IPfu5RYdgVvCH27rIwez4&person_id=5978151472775359915&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Request Chain 96
  • https://api-54-184-89-98.b2c.com/api/x?8EndfCXsGPt4f508$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTU4NXgxMjAwIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMSQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkOCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInNlbmRCZWFjb24kMSQxIiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJmb250cmVuZGVyJDUkMSIsIndlYmdsJDYkbi9hIiwidGltZSQ2JDE1NTcxMzg1NTEzNDYiLCJ0aW1lem9uZSQ2JDAiLCJwbHVnaW5zJDYkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkNyQyMC4xNzA2MyIsIm1lbS11c2VkSlNIZWFwU2l6ZSQ3JDEwLjkxODYxNCIsIm1lbS1qc0hlYXBTaXplTGltaXQkNyQyMTk3LjgxNTI5NiIsInRpbWUtcmVkaXJlY3RFbmQkNyQ1NzIiLCJ0aW1lLWZldGNoU3RhcnQkNyQ1NzIiLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDckNTcyIiwidGltZS1kb21haW5Mb29rdXBFbmQkNyQ1NzIiLCJ0aW1lLWNvbm5lY3RTdGFydCQ3JDU3MiIsInRpbWUtY29ubmVjdEVuZCQ3JDU3MiIsInRpbWUtcmVxdWVzdFN0YXJ0JDckNTczIiwidGltZS1yZXNwb25zZVN0YXJ0JDckNzg3IiwidGltZS1yZXNwb25zZUVuZCQ3JDc4OCIsInRpbWUtZG9tTG9hZGluZyQ3JDc5MCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNyQyMDI3IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDckMSIsIm5hdmlnYXRpb24tdHlwZSQ3JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDEyJDAuMjk1IiwiZ2xvYmFscyQxMiRiMzllNjg5YiIsImRvY3VtZW50LXRpbWUkMTUkMC40NSIsImRvY3VtZW50JDE1JDE4ODA4ZGU0IiwiY29ubmVjdGlvbiQxNSQiLCJkb3dubGlua01heCQxNSQiLCJnZXRVc2VyTWVkaWEkMTYkMiIsImNsb2NrJDIwJDQ3ODAiLCJiYXR0ZXJ5JDIyJDEgMSAwIEluZmluaXR5IiwiaW50ZXJzZWN0aW9uLXNpemUkMjYkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uJDI2JDMzIiwiYXVkaW9jb250ZXh0JDI5JDk2ZTE0YmVmIiwic29ydCQ3MiQxOC42MTUiLCJmcmFtZXJhdGUkMTI5JDkw HTTP 302
  • https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
Request Chain 97
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1557138551731%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fransomware%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Request Chain 161
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5cd00c7714baa30001d028f8&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5cd00c7714baa30001d028f8&gdpr=0 HTTP 302
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=5cd00c7714baa30001d028f8&ttd_id=d2612309-512e-42b8-a980-a0e511746fc8
Request Chain 182
  • https://api-54-191-148-31.b2c.com/api/x?3x8OQNGZdzJUQnFf$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQ3Mjh4OTAiLCJpbm5lciQwJDcyOHg5MCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ4IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkTGludXggeDg2XzY0IiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQxJDEiLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsImZvbnRyZW5kZXIkMSQxIiwid2ViZ2wkMiRuL2EiLCJ0aW1lJDIkMTU1NzEzODU1MjM5MiIsInRpbWV6b25lJDIkMCIsInBsdWdpbnMkMiROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQyJDI2LjM0MDU4MiIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyJDE4Ljk1NzM1OCIsIm1lbS1qc0hlYXBTaXplTGltaXQkMiQyMTk3LjgxNTI5NiIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQyJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ2JDAuMjciLCJnbG9iYWxzJDYkYjM5ZTY4OWIiLCJkb2N1bWVudC10aW1lJDkkMC4zNiIsImRvY3VtZW50JDEwJDE4ODA4ZGU0IiwiY29ubmVjdGlvbiQxMCQiLCJkb3dubGlua01heCQxMCQiLCJnZXRVc2VyTWVkaWEkMTAkMiIsImNsb2NrJDE0JDUzMzciLCJiYXR0ZXJ5JDMyJDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDMzJDk2ZTE0YmVmIiwiaW50ZXJzZWN0aW9uLXNpemUkMzYkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDM2JDAuNXgwIDcyOHg5MCIsImludGVyc2VjdGlvbiQzNiQxMDAiLCJzb3J0JDU3JDE1LjM4NSIsImZyYW1lcmF0ZSQxMjkkODA HTTP 302
  • https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
Request Chain 196
  • https://api-54-184-89-98.b2c.com/api/x?VPkcj1lx6A3hD6bL$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQ3Mjh4OTAiLCJpbm5lciQwJDcyOHg5MCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ4IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkTGludXggeDg2XzY0IiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQxJDEiLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsImZvbnRyZW5kZXIkMSQxIiwid2ViZ2wkMiRuL2EiLCJ0aW1lJDIkMTU1NzEzODU1MjYwMyIsInRpbWV6b25lJDIkMCIsInBsdWdpbnMkMiROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQyJDMwLjI3MDc5NiIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyJDIzLjM0Mzg0NCIsIm1lbS1qc0hlYXBTaXplTGltaXQkMiQyMTk3LjgxNTI5NiIsInRpbWUtcmVzcG9uc2VFbmQkMiQxIiwidGltZS1kb21Mb2FkaW5nJDIkMSIsInRpbWUtZG9tSW50ZXJhY3RpdmUkMiQxIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQyJDEiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQyJDEiLCJ0aW1lLWRvbUNvbXBsZXRlJDIkMSIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQyJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ2JDAuMjciLCJnbG9iYWxzJDYkYjM5ZTY4OWIiLCJkb2N1bWVudC10aW1lJDkkMC4zNiIsImRvY3VtZW50JDkkMTg4MDhkZTQiLCJjb25uZWN0aW9uJDkkIiwiZG93bmxpbmtNYXgkOSQiLCJnZXRVc2VyTWVkaWEkOSQyIiwiY2xvY2skMTQkNTE5MCIsImJhdHRlcnkkMTYkMSAxIDAgSW5maW5pdHkiLCJpbnRlcnNlY3Rpb24tc2l6ZSQxNiQxNTg1eDEyMDAiLCJhdWRpb2NvbnRleHQkMzUkOTZlMTRiZWYiLCJzb3J0JDYyJDEyLjYzIiwiZnJhbWVyYXRlJDExOCQ5MCIsImFkYmxvY2skMTg5JDA HTTP 302
  • https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
Request Chain 199
  • https://api-54-191-148-31.b2c.com/api/x?mgT6cNhIzhyWX4cO$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQyJG4vYSIsInRpbWUkMiQxNTU3MTM4NTUyODY4IiwidGltZXpvbmUkMiQwIiwicGx1Z2lucyQyJE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDMkNDIuMzU2NDkiLCJtZW0tdXNlZEpTSGVhcFNpemUkMyQzMy41MDAzMyIsIm1lbS1qc0hlYXBTaXplTGltaXQkMyQyMTk3LjgxNTI5NiIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQzJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMyRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ2JDAuMyIsImdsb2JhbHMkNiRiMzllNjg5YiIsImRvY3VtZW50LXRpbWUkOSQwLjQzNSIsImRvY3VtZW50JDkkMTg4MDhkZTQiLCJjb25uZWN0aW9uJDkkIiwiZG93bmxpbmtNYXgkOSQiLCJnZXRVc2VyTWVkaWEkMTAkMiIsImNsb2NrJDE0JDUyNzQiLCJiYXR0ZXJ5JDE4JDEgMSAwIEluZmluaXR5IiwiaW50ZXJzZWN0aW9uLXNpemUkMTgkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDE4JDAuNXgwIDMwMHgyNTAiLCJpbnRlcnNlY3Rpb24kMTgkMTAwIiwiYXVkaW9jb250ZXh0JDIxJDk2ZTE0YmVmIiwic29ydCQ2MyQxMi4wNDUiLCJmcmFtZXJhdGUkMTIwJDgw HTTP 302
  • https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
Request Chain 202
  • https://api-54-191-148-31.b2c.com/api/x?fOarLYOAK2q939xt$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQyJG4vYSIsInRpbWUkMiQxNTU3MTM4NTUzMDQ4IiwidGltZXpvbmUkMiQwIiwicGx1Z2lucyQyJE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDIkNDIuNTk0MzA2IiwibWVtLXVzZWRKU0hlYXBTaXplJDIkMjUuMjUwODM0IiwibWVtLWpzSGVhcFNpemVMaW1pdCQyJDIxOTcuODE1Mjk2IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDIkMCIsIm5hdmlnYXRpb24tdHlwZSQyJG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDYkMC4yNzUiLCJnbG9iYWxzJDYkYjM5ZTY4OWIiLCJkb2N1bWVudC10aW1lJDkkMC4zNDUiLCJkb2N1bWVudCQ5JDE4ODA4ZGU0IiwiY29ubmVjdGlvbiQ5JCIsImRvd25saW5rTWF4JDkkIiwiZ2V0VXNlck1lZGlhJDkkMiIsImNsb2NrJDE0JDUyNjUiLCJiYXR0ZXJ5JDE2JDEgMSAwIEluZmluaXR5IiwiaW50ZXJzZWN0aW9uLXNpemUkMTkkMTU4NXgxMjAwIiwiYXVkaW9jb250ZXh0JDIxJDk2ZTE0YmVmIiwic29ydCQ0OCQxMi4xMSIsImZyYW1lcmF0ZSQxMjMkOTA HTTP 302
  • https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
Request Chain 209
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1800705892&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics_refresh&ea=undefined&_u=aGjAAAADQ~&jid=2049429992&gjid=314138323&cid=1287632925.1557138551&tid=UA-1290429-10&_gid=157577192.1557138553&_r=1&gtm=2wg430W475TQW&cd20=all&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=Normal%20(22%20segments%20found)&z=1209078573 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_gid=157577192.1557138553&gjid=314138323&_v=j73&z=1209078573 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573&slf_rd=1&random=4113001580

211 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.scmagazine.com/home/security-news/ransomware/
Redirect Chain
  • https://www.scmagazine.com/home/security-news/ransomware
  • https://www.scmagazine.com/home/security-news/ransomware/
100 KB
23 KB
Document
General
Full URL
https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.86.64.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-64-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e9d73357762106b18f76b3928abdb163ed12ce82ea8f813437b05b13bb4c9551

Request headers

:method
GET
:authority
www.scmagazine.com
:scheme
https
:path
/home/security-news/ransomware/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 06 May 2019 10:29:09 GMT
content-type
text/html; charset=UTF-8
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
wpe-backend
apache
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
vary
Accept-Encoding,Cookie,X-WPENGINE-SEGMENT
x-cache
HIT: 1
x-pass-why
x-cache-group
normal
x-type
default
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Mon, 06 May 2019 10:29:09 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.scmagazine.com/home/security-news/ransomware/
expires
Mon, 06 May 2019 10:10:55 GMT
wpe-backend
apache
x-cacheable
non200
cache-control
max-age=600, must-revalidate
vary
X-WPENGINE-SEGMENT
x-cache
HIT: 1
x-pass-why
x-cache-group
normal
x-type
default
style.css
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/gutenberg/build/block-library/
25 KB
5 KB
Stylesheet
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1556102412
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2b63a484e50b0887ede8571126709a164efc6d3647d5982fb520098be0b6a888

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:12 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0c-65ac"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
public, max-age=2592000
shared-style.min.css
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/
48 KB
8 KB
Stylesheet
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-c05a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
public, max-age=2592000
style.min.css
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/
237 KB
41 KB
Stylesheet
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
098743ea606dd806c2f270b0c0755b76d7b132137855ae829e3c84d425ad74f7

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-3b514"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
public, max-age=2592000
css
fonts.googleapis.com/
3 KB
524 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
87f07c950fc6225d6186aecfc5a59b2de45724dd85fceb1dc736c081294279c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 May 2019 10:29:09 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 06 May 2019 10:29:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:09 GMT
css
fonts.googleapis.com/
825 B
458 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
cfe0a4e83927b1dbabba7682082338520b9a150ce2c51ae2298638bc52ed3deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 May 2019 10:29:09 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 06 May 2019 10:29:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:09 GMT
jquery.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/
95 KB
39 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2019 19:57:54 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cb633c2-17ba0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
jquery-migrate.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2019 19:57:54 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cb633c2-2748"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
cookie.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/
2 KB
1 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/backed
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:12 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0c-834"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
UtilityMove-custom.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/
2 KB
1 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-751"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
polyfill.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/
102 KB
39 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-19873"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
gpt.js
www.googletagservices.com/tag/js/
32 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1fedeea2414aa110b9a105916a2479e93cc7e35a70d56612c34ce9df7fe03600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"157 / 19 of 1000 / last-modified: 1556837274"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10657
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:09 GMT
ads.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/
18 KB
7 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ads.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8acc380a80d055662dc58a84fb8d051e47fca4a2f86b99d7e04e6f75561557b3

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-49fc"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
SC-MAGAZINE30ANNYnotag.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/
43 KB
44 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/SC-MAGAZINE30ANNYnotag.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8cad642d5009d9f538c20ce327532bea1a130c019fae995d6d37da325626347d

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:45:30 GMT
server
NetDNA-cache/2.2
etag
"1dc9d1e945b5c2a7876fc969ff3ec27d"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
44360
expires
Sat, 25 May 2019 12:56:58 GMT
ransomwareexperttipsfeature10_1094622-3.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/
9 KB
9 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/ransomwareexperttipsfeature10_1094622-3.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
81e45cca393b1656b213e8f0e12e9acd735929f5c0313d8d1791a42262a68e38

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:31:39 GMT
server
NetDNA-cache/2.2
etag
"10622850d0b8dad5c1978a270b83300a"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8781
expires
Sun, 02 Jun 2019 05:13:02 GMT
educationransomwarefbtw105790_1182547-9.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/
121 KB
121 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/educationransomwarefbtw105790_1182547-9.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8baed99ba6bd164b0e13382da25941e798c767a71431300c12ba5328ea9a127b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:19:01 GMT
server
NetDNA-cache/2.2
etag
"12e6adbda8a9a4fac870ca9302396469"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
123690
expires
Fri, 31 May 2019 19:35:02 GMT
Yandex-544x306.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/
35 KB
36 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/Yandex-544x306.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
80645e47680838cf12e3d997332f320e6d91c4fd46ed7c6f1c48590499006695

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
largefs
date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Tue, 30 Apr 2019 21:18:10 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5cc8bb92-8d09"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000, public, max-age=2592000
accept-ranges
bytes
content-length
36105
expires
Thu, 30 May 2019 23:00:48 GMT
crabegg_1475711-640x347.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/
39 KB
40 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/crabegg_1475711-640x347.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a840b692909bd0d8e943c0c3d8f76b2ceba1abba6dce560f44ded11c19b8855f

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:41:45 GMT
server
NetDNA-cache/2.2
etag
"329976afcaf3002b3eab9d0579702327"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
40429
expires
Tue, 04 Jun 2019 07:10:48 GMT
ransomscreen_1223284-640x347.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/
84 KB
84 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/ransomscreen_1223284-640x347.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
775b77a13374329ce5097c8d46dad99a81680ddd00fe4d7a685832074cb17491

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:42:06 GMT
server
NetDNA-cache/2.2
etag
"a2f9422ce0b34118be476410b132797d"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
86000
expires
Tue, 04 Jun 2019 19:12:16 GMT
gtm.js
www.googletagmanager.com/
101 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
3464c645a0c4fe4ff460238ef3a56ccf503c45481c8083173b6aab7a42f6a5d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
br
last-modified
Wed, 01 May 2019 22:14:49 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27981
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:10 GMT
Hopkins-Airport-544x306.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/
32 KB
32 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/Hopkins-Airport-544x306.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
70e2427de189d09cb1a09e1f852d2d845eb586b8de7b11a7efde38d6b8462e31

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
largefs
date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Thu, 25 Apr 2019 19:00:14 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5cc203be-7f6a"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000, public, max-age=2592000
accept-ranges
bytes
content-length
32618
expires
Sat, 25 May 2019 19:18:27 GMT
grandcrab_1366586-1-640x347.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/
81 KB
81 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/grandcrab_1366586-1-640x347.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
17662c5be704891af65aba3b8b24053e2ec25b3733e07d96b8567237405b5a8c

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:21:57 GMT
server
NetDNA-cache/2.2
etag
"ff9c32a80bf146d3d9e5d63b81fce55b"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
82444
expires
Wed, 05 Jun 2019 03:43:49 GMT
gettyimages685414404_1234109-640x343.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/
33 KB
33 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/gettyimages685414404_1234109-640x343.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e8cc1bea13a89334c12383cb26594a1e27901916a8b5abefc40f1875b3cf2c90

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:21:31 GMT
server
NetDNA-cache/2.2
etag
"71133c9e790495eca55759363076ccac"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33409
expires
Wed, 05 Jun 2019 10:03:03 GMT
ransomware2_1308382-1-640x347.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/
42 KB
43 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/ransomware2_1308382-1-640x347.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6373dd3d6205ea9cdaf87cb61d30245411b2aaaf971efe1ff432e54741a4fddd

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:42:06 GMT
server
NetDNA-cache/2.2
etag
"f48e6f870170b2db2dcf6a33f30e7f99"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43284
expires
Wed, 05 Jun 2019 09:04:47 GMT
1027701108_726363.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/
35 KB
35 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/1027701108_726363.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c7f13a468d60a65004bc637fcb7ebff7d7a4997384086921e2dc958a8e29eca5

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 22 Apr 2019 17:07:23 GMT
server
NetDNA-cache/2.2
etag
"311ade277221581d389d4be694e8212b"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35624
expires
Wed, 05 Jun 2019 09:04:47 GMT
spinner.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/
694 B
649 B
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-2b6"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
Instagram2-150x150.jpg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/
6 KB
7 KB
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/04/Instagram2-150x150.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f532d62797e0a52322a5bd0820339315268535b757038d29244c345bd251452e

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 06 May 2019 10:29:10 GMT
last-modified
Mon, 29 Apr 2019 07:14:26 GMT
server
NetDNA-cache/2.2
etag
"12c069999ac0399295c4ce4f52bb04b5"
x-cache
MISS
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6626
expires
Wed, 05 Jun 2019 10:29:10 GMT
2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js
content.maropost.com/uploads/1325/websites/1/
3 KB
3 KB
Script
General
Full URL
https://content.maropost.com/uploads/1325/websites/1/2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js?ver=1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:c200:1b:fadc:b780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 07:15:34 GMT
via
1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 20:46:06 GMT
server
AmazonS3
age
32912
etag
"33bca5680760348835deea8e5dcbdb62"
x-cache
Hit from cloudfront
status
200
accept-ranges
bytes
content-length
2565
x-amz-cf-id
kulLUTQzWp4eJ1kRUdHZITeHdSv7YLvMogQXUE8xTMW40C2hvjCgkQ==
comment_count.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/
889 B
706 B
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:12 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0c-379"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
blocks.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/
7 KB
3 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
64c0f386e23546b11ab28e437684f0ea24cd9e538978c492d8afcb6af9444bc4

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-1b01"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
feather-tool.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/
550 B
632 B
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.0
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
94308b25a82c6c94b07808115e379e4f4151bde0c44100015cda9cb1c5cdb0e7

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:12 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0c-226"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
hmi-registration-ui.manifest.js
s3.amazonaws.com/haymarket-reg-js/develop/production/
798 B
1 KB
Script
General
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.128.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1d90939dba16916ae487a09245dfb95ea74654b16d67d90e2621e3ac0be0cef0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Last-Modified
Wed, 01 May 2019 16:41:51 GMT
Server
AmazonS3
x-amz-request-id
B19FBD527562A750
ETag
"4676462bfbf5747529591ea2816a9e0c"
Content-Type
application/javascript
Content-Length
798
Accept-Ranges
bytes
x-amz-version-id
H4BrLn8vwlPcStgvuGAFv.leIpVidSmD
x-amz-id-2
IUWWUdE8E4Awip0Q8CL2k7r9dZRVT4Qmh8oqRwozhpRFBDzFxm7OfueoKFO34kZC20OEL5OpcOc=
hmi-registration-ui.vendor.js
s3.amazonaws.com/haymarket-reg-js/develop/production/
337 KB
338 KB
Script
General
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.128.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e43e078b242c478fb2a0d2e8d1b21dabc9cf8ab15a33d82a8b18a81570ecde26

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Last-Modified
Wed, 01 May 2019 16:41:51 GMT
Server
AmazonS3
x-amz-request-id
F0CE427CE073E003
ETag
"3f49c3de8bde352b9a2d43cbe9a80f38"
Content-Type
application/javascript
Content-Length
345181
Accept-Ranges
bytes
x-amz-version-id
.QvjCYnr6jpaxNnGW6WWFbuUC9bvrQkU
x-amz-id-2
jF8CDeyeRGsDl2cTu2a6MWzkJlTsJlZcWbXxm3gPItwl01euv1h/Uric7TIvJRLD6I/+rPSBCN4=
hmi-registration-ui.bundle.js
s3.amazonaws.com/haymarket-reg-js/develop/production/
517 KB
518 KB
Script
General
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.128.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
227c4cdbdd59fc06aea14f495bd4909d9fc1fb9db12595d12a18beefcbe65a0e

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Last-Modified
Wed, 01 May 2019 16:41:51 GMT
Server
AmazonS3
x-amz-request-id
E3425ADB66B689B0
ETag
"1d37bbc4e5a9b88fba0ec3df3d2c52b1"
Content-Type
application/javascript
Content-Length
529725
Accept-Ranges
bytes
x-amz-version-id
1kEgXH3jTslxRhmMsU56XuVbXj8EreX7
x-amz-id-2
KNU29HGe07JoNEkmWJkqhNV30sVwR66oyF2MtO54ONib32sbLxVuVqLMEvCxcu9IiZuNRKzGTCM=
frontend.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/
134 KB
43 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2021090a16dfd63c9098cfd3235755b4cc700f20268a9f12e07498417b5ad778

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-21624"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
iab.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/
8 KB
2 KB
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e38c283cf693ccc86f81942e7cae20849f0cfd639bfd5e7362677d91e8f0d4b5

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-1ecd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
wp-embed.min.js
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/
1 KB
1017 B
Script
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=4.9.10
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2019 19:57:54 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cb633c2-57b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
public, max-age=2592000
src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Mon, 25 Mar 2019 20:19:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:00 GMT
server
sffe
age
3593371
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:39 GMT
chevron-right-white.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/
190 B
416 B
Image
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/chevron-right-white.svg
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856

Request headers

Referer
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1556102413
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"5cc03d0d-be"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Mon, 25 Mar 2019 20:19:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:18 GMT
server
sffe
age
3593371
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:39 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v15/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Mon, 25 Mar 2019 20:26:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:31 GMT
server
sffe
age
3592935
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14864
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:26:55 GMT
src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019043001.js
securepubads.g.doubleclick.net/gpt/
150 KB
55 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2019 10:44:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55804
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:10 GMT
src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
0
0

count.js
scmagazineus.disqus.com/
1 KB
1 KB
Script
General
Full URL
https://scmagazineus.disqus.com/count.js
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2138412
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Apr 2019 23:50:33 GMT
Server
nginx
ETag
"5cad2fc9-367"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3401
date
Mon, 06 May 2019 09:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 06 May 2019 11:32:29 GMT
7341.js
script.crazyegg.com/pages/scripts/0034/
89 KB
28 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0034/7341.js?432538
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b3a8ce3d8de5757bc9b97e1ab474a0d3a1234c3c874c491948186c78bd34cf

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
via
1.1 cd103c18819ef0db201c8a8cb9162bd2.cloudfront.net (CloudFront)
cf-cache-status
HIT
cf-polished
origSize=90754
x-cache
Hit from cloudfront
status
200
content-encoding
gzip
last-modified
Thu, 25 Apr 2019 16:04:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private, max-age=300
cf-ray
4d2a45863b29bf05-FRA
x-amz-cf-id
5AMKpC7zOGylLUcJqq1bksaWEkB3zAWeRqVkm5fwOBVhAnzfwFtlFA==
cf-bgj
minify
init-131xlxqjsfx7lh82dpc.js
api.b2c.com/api/
12 KB
5 KB
Script
General
Full URL
https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:bd1a:4974:a807:5cd6 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
07e7c0ff59e33d2cb36c7d2a30c4107a9759a550fd5d0118eba4ae776467f950

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
insight.min.js
snap.licdn.com/li.lms-analytics/
15 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=50002
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
chartbeat.js
static.chartbeat.com/js/
35 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:5600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:07:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 01:35:46 GMT
server
nginx
age
33684
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-id
uyh4aTnktBlaGhi9lF0GmKYpbkQwqDDBjZwBasyVF9c0XMfy3aTKMg==
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
expires
Mon, 06 May 2019 01:07:46 GMT
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
5 B
396 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS
action-s.pipelane.net
Software
Apache-Coyote/1.1 /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/html;charset=ISO-8859-1
Content-Length
5

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache/2.4.6 (CentOS)
Connection
close
Content-Length
343
Location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type
text/html; charset=iso-8859-1
nspix
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
43 B
308 B
Image
General
Full URL
https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS
action-s.pipelane.net
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
43

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache/2.4.6 (CentOS)
Connection
close
Content-Length
359
Location
https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type
text/html; charset=iso-8859-1
nspix
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
43 B
308 B
Image
General
Full URL
https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS
action-s.pipelane.net
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
43

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 06 May 2019 10:29:11 GMT
Server
Apache/2.4.6 (CentOS)
Connection
close
Content-Length
371
Location
https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type
text/html; charset=iso-8859-1
lio.js
c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/
45 KB
11 KB
Script
General
Full URL
https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21659a119a8c1723c186e29f0ad990ff6271168797ff34a4757b1d55728664e3

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=14400
cf-ray
4d2a4586fb366341-FRA
expires
Mon, 06 May 2019 14:29:10 GMT
most-widget
www.scmagazine.com/wp-json/haymarket/v1/
5 KB
2 KB
XHR
General
Full URL
https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-4
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.86.64.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-64-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7eff8563aa767c7f2ab4b5e066414c02f091480a7530a2fe19ab9da8f53e82e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
default
date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-cache
HIT: 12
status
200
vary
Accept-Encoding,Cookie
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
wpe-backend
apache
server
nginx
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
x-pass-why
sso
www.scmagazine.com/wp-json/haymarket/v1/
22 B
451 B
XHR
General
Full URL
https://www.scmagazine.com/wp-json/haymarket/v1/sso
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.86.64.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-64-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6f0e697e19c9264d7bde41e92f70f4e031501562c1112aa0cd1ce7782361ce11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
default
date
Mon, 06 May 2019 10:29:10 GMT
x-content-type-options
nosniff
x-cacheable
SHORT
x-cache
HIT: 30
status
200
vary
Accept-Encoding,Cookie
content-length
22
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
wpe-backend
apache
server
nginx
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
x-pass-why
js
www.google-analytics.com/gtm/
51 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm1&cid=1287632925.1557138551
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
fabf72e32ab595f617a78bba18d0372a6781e78933487a35c9a96839e1ee125e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:10 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
19707
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:10 GMT
ads
securepubads.g.doubleclick.net/gampad/
452 B
483 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2FOOP_skin&sz=1x1&ists=1&scp=pos%3DOOP_skin&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067&cookie_enabled=1&bc=15&abxe=1&lmt=1557138550&dt=1557138550991&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=3637&adk=2911844303&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=53&icsg=37178310656&std=0&csl=169&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3637&msz=1585x1&blev=1&bisch=1&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e20081a9e7faba9195f8e999fc4ea1a614bbdbb22b8cc219a7d742f767aa23d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
301
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019043001.js
securepubads.g.doubleclick.net/gpt/
71 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2019 10:44:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27457
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:11 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
8 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2FOOP_prestitial&sz=1x1&ists=1&scp=pos%3DOOP_prestitial&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067&cookie_enabled=1&bc=15&abxe=1&lmt=1557138551&dt=1557138551003&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=3638&adk=2631322642&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=55&icsg=37178310656&std=0&csl=181&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3638&msz=1585x1&blev=1&bisch=1&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
4b4bb336bc36d07f7cdc5cc26fa3547a543d64406f4b2364b53e9a1c1cd90311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3160
x-xss-protection
0
google-lineitem-id
133592065
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138268923860
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=scmagazine.com&p=%2Fhome%2Fsecurity-news%2Fransomware%2F&u=BR_xxnDIj3rnBdRvZq&d=scmagazine.com&g=56851&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3639&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2045&t=CUbMwuBz2fy7D0SyRFDrHs-ID5_CYP&V=113&i=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&tz=0&sn=1&sv=CZpJUBC33VJzD5-HgvDReh64OaqC&sd=1&im=067b2fff&_
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.223.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-223-248.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 06 May 2019 10:29:11 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
boomerang.min.js
cdn.feathr.co/js/
84 KB
26 KB
Script
General
Full URL
https://cdn.feathr.co/js/boomerang.min.js
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:f863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed2c77a12d6be1eb2ca8462376dc9bc53fb4fae1585b1c83aa039c430c7db55

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Mar 2019 12:47:14 GMT
server
cloudflare
x-amz-request-id
54207C51B1130A6C
etag
W/"7ada2ce9a8c84c157b49a7c077a78d55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4d2a45883d70c2b8-FRA
x-amz-id-2
iK+C7kqvkztLe+sCpm8j1P33xcTe95WwV7R9LANV4Mo56pwYbae/f+t0OasjPBcyEaqeQGGmpyo=
expires
Mon, 06 May 2019 14:29:11 GMT
io.min.js
c.lytics.io/static/v2/
13 KB
6 KB
Script
General
Full URL
https://c.lytics.io/static/v2/io.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 02 May 2019 23:26:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=14400
cf-ray
4d2a4588ad9f6341-FRA
expires
Mon, 06 May 2019 14:29:11 GMT
tag.aspx
ml314.com/
26 KB
12 KB
Script
General
Full URL
https://ml314.com/tag.aspx?642019
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2bf96ddd3980547587d2dbb32c14e3892b59c5fc8b13b7e8dd14c0f71cf99628

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 May 2019 05:52:16 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=69784
Connection
keep-alive
Content-Length
11914
Expires
Tue, 07 May 2019 05:52:16 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1800705892&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_gid=357245864.1557138551&gjid=1180557067&_v=j73&z=235851700
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700&slf_rd=1&random=1486310470
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700&slf_rd=1&random=1486310470
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:11 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=686803991&_v=j73&z=235851700&slf_rd=1&random=1486310470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/
793 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=53884&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&pv=1557138551241_e95q1jpd9&bl=en-us&cb=2421008&return=&ht=&d=&dc=&si=1557138551241_e95q1jpd9&cid=&s=1600x1200&rp=
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?642019
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce48b56b01494add2ac61f03dc9ebed9afa5ca880bac8122bdc12637e775a326

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
486
Expires
0
ud.ashx
in.ml314.com/
20 B
698 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=642019
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?642019
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.53.91 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-235-53-91.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, no-cache="set-cookie"
Connection
keep-alive
Content-Length
138
Expires
Tue, 07 May 2019 10:29:11 GMT
truncated
/ Frame F651
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5db1bece372cbf6ce7ba944b437e9eae7c9462fc1d0af290e2804a9b7df41728

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1556617735866586"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28664
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:11 GMT
imgad
tpc.googlesyndication.com/pagead/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMRf4JZMAibfc3CIlJ_t_zpTXb-zvRqM9EPaqAI02uc5XwVhSY5dIOaPMCI5dSI0gi4Nph4KQQhi8WfLb1ti8vkPAHLLeDF3a0Ol4EM4jssLE9q1hJdfaDqj1MG2Hp3rFNQdOelW7bD...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHspyDXhABGAEyCGzdfeWAGUXM
49 KB
49 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHspyDXhABGAEyCGzdfeWAGUXM
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c1185cb3e5019a69dafdda3080d6e8f9d3d6a6c87942a7c4ddc31438fd205ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 May 2019 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
age
15364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
49899
x-xss-protection
0
expires
Mon, 13 May 2019 06:13:07 GMT

Redirect headers

date
Mon, 06 May 2019 10:29:11 GMT
x-content-type-options
nosniff
content-type
text/html; charset=UTF-8
server
cafe
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHspyDXhABGAEyCGzdfeWAGUXM
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
8
c.lytics.io/cid/
77 B
333 B
Script
General
Full URL
https://c.lytics.io/cid/8?callback=jQuery112407162587639454123_1557138550531&_=1557138550532
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
044be58593967df0304de991b9e7ff63cd46655890e6d6350c79018b5343a77f

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
text/javascript
status
200
content-encoding
br
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a45897ead6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
integrations
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/
54 B
309 B
Fetch
General
Full URL
https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/integrations
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.196.212.82 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-212-82.compute-1.amazonaws.com
Software
nginx/1.15.9 /
Resource Hash
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
server
nginx/1.15.9
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
content-length
54
refresh
marco.feathr.co/v1/
43 B
548 B
Image
General
Full URL
https://marco.feathr.co/v1/refresh
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.92 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-92.fra53.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-apigw-id
ZQbiqHnWIAMFctQ=
x-amzn-requestid
c9c75e30-6fe9-11e9-86f9-e5081685bce1
access-control-allow-methods
*
content-type
image/gif
status
200
x-amzn-trace-id
Root=1-5cd00c77-008a156c6b1aa6b0bcf15c0c;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key
content-length
43
x-amz-cf-id
K-ByDbdt_U1fecTiqIBjS8-uA-Mn3XPJwKqqYlRWXIrFtjK1HdffZg==
csync.ashx
ml314.com/
Redirect Chain
  • https://tags.bluekai.com/site/20486?limit=0&id=5978151472775359915&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151472775359915%26eid=50056
  • https://ml314.com/csync.ashx?fp=mxkXJQ9999OhUBOz&person_id=5978151472775359915&eid=50056
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=mxkXJQ9999OhUBOz&person_id=5978151472775359915&eid=50056
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 07 May 2019 06:29:11 GMT

Redirect headers

Location
https://ml314.com/csync.ashx?fp=mxkXJQ9999OhUBOz&person_id=5978151472775359915&eid=50056
Date
Mon, 06 May 2019 10:29:11 GMT
Connection
keep-alive
Content-Length
0
BK-Server
d0f7
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=5978151472775359915
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ3Mjc3NTM1OTkxNRAAGg0I95jA5gUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=5ab9cb9491744d7568e651a350b538d7eb1e6547b4902cd7f9d12f88f72db6e9f4cb09cee1a4f8eb&person_id=5978151472775359915&eid=50082
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=5ab9cb9491744d7568e651a350b538d7eb1e6547b4902cd7f9d12f88f72db6e9f4cb09cee1a4f8eb&person_id=5978151472775359915&eid=50082
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:10 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 07 May 2019 06:29:11 GMT

Redirect headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
location
https://ml314.com/csync.ashx?fp=5ab9cb9491744d7568e651a350b538d7eb1e6547b4902cd7f9d12f88f72db6e9f4cb09cee1a4f8eb&person_id=5978151472775359915&eid=50082
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
307
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
csync.ashx
ml314.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151472775359915%26eid=50220
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151472775359915%26eid=50220&mm_bnc&mm_bct
  • https://ml314.com/csync.ashx?fp=17af5cd0-06a5-4600-9bd8-fb87b56f4fd3&person_id=5978151472775359915&eid=50220
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=17af5cd0-06a5-4600-9bd8-fb87b56f4fd3&person_id=5978151472775359915&eid=50220
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 07 May 2019 06:29:11 GMT

Redirect headers

Date
Mon, 06 May 2019 10:29:11 GMT
Server
MT3 988 ee82337 master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ml314.com/csync.ashx?fp=17af5cd0-06a5-4600-9bd8-fb87b56f4fd3&person_id=5978151472775359915&eid=50220
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 06 May 2019 10:29:10 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151472775359915
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151472775359915
  • https://ml314.com/csync.ashx?fp=f5f2415846ae7124d1c8b9334793ff7d&eid=50146&person_id=5978151472775359915
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=f5f2415846ae7124d1c8b9334793ff7d&eid=50146&person_id=5978151472775359915
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 07 May 2019 06:29:11 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:11 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://ml314.com/csync.ashx?fp=f5f2415846ae7124d1c8b9334793ff7d&eid=50146&person_id=5978151472775359915
Cache-Control
no-cache
X-Server
10.26.12.189
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2PC-L9kfCVzSGd1rUpe8kF5IPfu5RYdgVvCH27rIwez4&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
  • https://ml314.com/csync.ashx?fp=2PC-L9kfCVzSGd1rUpe8kF5IPfu5RYdgVvCH27rIwez4&person_id=5978151472775359915&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
70 B
171 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.195.251.148 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-251-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:11 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Date
Mon, 06 May 2019 10:29:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control
private
Connection
keep-alive
Content-Length
168
Expires
Tue, 07 May 2019 06:29:11 GMT
ad.gif
api-54-184-89-98.b2c.com/api/
43 B
233 B
Image
General
Full URL
https://api-54-184-89-98.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5800:5f6f:fa07:5509:9db2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
2667d42f2a68aa694f03b881af943ebd
api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/ Frame EE48
0
0
Document
General
Full URL
https://api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/2667d42f2a68aa694f03b881af943ebd?segments=true&mergestate=true&ts=1557138551429
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.192.113 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
113.192.227.35.bc.googleusercontent.com
Software
lytics.io d55b0aab67 /
Resource Hash

Request headers

:method
GET
:authority
api.lytics.io
:scheme
https
:path
/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/2667d42f2a68aa694f03b881af943ebd?segments=true&mergestate=true&ts=1557138551429
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.scmagazine.com/home/security-news/ransomware/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dd8ed68b6d271bd78be3d38ea095405441557138550; seerid=2667d42f2a68aa694f03b881af943ebd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/

Response headers

status
200
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods
GET
access-control-allow-origin
content-encoding
gzip
content-type
text/html
server
lytics.io d55b0aab67
date
Mon, 06 May 2019 10:29:11 GMT
content-length
294
via
1.1 google
alt-svc
clear
4
api-54-184-89-98.b2c.com/api/
Redirect Chain
  • https://api-54-184-89-98.b2c.com/api/x?8EndfCXsGPt4f508$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlb...
  • https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
0
-1 B
XHR
General
Full URL
https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5800:5f6f:fa07:5509:9db2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:12 GMT
Server
openresty
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158

Redirect headers

Date
Mon, 06 May 2019 10:29:12 GMT
Server
openresty
Location
https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158
/
px.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1557138551731%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity...
  • https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
0
165 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
c+jXQkQRnBWgfYuzNysAAA==

Redirect headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-edc2
content-length
20
x-li-uuid
f8NFWUMRnBWgMFScMCsAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect/?time=1557138551731&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
script.js
polo.feathr.co/v1/analytics/match/
290 B
597 B
Script
General
Full URL
https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.96.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-96-203.compute-1.amazonaws.com
Software
nginx/1.15.9 /
Resource Hash
e4a96fc72b3ccb154010e860d52711beddc6fbbd5c76e56c48a26464043c3414
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
server
nginx/1.15.9
access-control-allow-origin
*
etag
"5cd00c7714baa30001d028f8"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
text/javascript
status
200
cache-control
no-cache, max-age=0
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
content-length
290
pixel.js
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/
32 B
320 B
Script
General
Full URL
https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/pixel.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.96.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-96-203.compute-1.amazonaws.com
Software
nginx/1.15.9 /
Resource Hash
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
server
nginx/1.15.9
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
text/javascript
status
200
cache-control
must-revalidate, max-age=14400
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
content-length
32
pathfora.min.js
c.lytics.io/static/
98 KB
20 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 02 May 2019 23:26:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=14400
cf-ray
4d2a458d6bf46341-FRA
expires
Mon, 06 May 2019 14:29:11 GMT
8514ca3b54284ee6e75983f95ff7262a
c.lytics.io/c/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?login=false&publicationId=76&channel=home&email=&user_id=&pagetype=section&tags=&categories=ransomware&userstate=&pagename=Majority%20of%20SMB%20execs%20willing%20to%20pay%20in%20a%20ransomware%20situation&author=&cpn=&userspecialty=&userprofession=&section=home%3Asecurity%20news%3Aransomware&_ts=1557138551873&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bf56341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
8514ca3b54284ee6e75983f95ff7262a
c.lytics.io/c/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?_ts=1557138551874&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bf66341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
127 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1557138549779&event=gtm.js&gtm.uniqueEventId=12&_ts=1557138551874&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bf76341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.AdBlocking=&_ts=1557138551875&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bf96341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleId=&_ts=1557138551875&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bfb6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleType=&_ts=1557138551875&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bfd6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.LoggedIn=false&_ts=1557138551876&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6bff6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Login=false&_ts=1557138551876&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c036341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.MetaData=&_ts=1557138551876&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c076341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.NHTFlag=false&_ts=1557138551877&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c0a6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Type=section&_ts=1557138551877&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c0c6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.ScrollDepth=&_ts=1557138551878&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c0d6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.cmeActivityId=&_ts=1557138551878&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c0e6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PrintSource=&_ts=1557138551879&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c106341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.SEOScore=&_ts=1557138551880&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c136341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.Prefix=omn&_ts=1557138551880&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c156341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SocSSN=&_ts=1557138551880&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c166341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SSO=0&_ts=1557138551881&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c176341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubscriberId=&_ts=1557138551881&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c196341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Source=haymarket&_ts=1557138551881&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c1b6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
96 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.PublicationId=76&_ts=1557138551882&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c1c6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Author=&_ts=1557138551882&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c1f6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Profession=&_ts=1557138551882&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c216341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Specialty=&_ts=1557138551882&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c236341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubProfession=&_ts=1557138551883&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c256341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubSpecialty=&_ts=1557138551883&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c286341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.JobTitle=&_ts=1557138551883&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c296341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
231 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.PremiumMonograph=&_ts=1557138551883&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d6c2b6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.Geolocation=&_ts=1557138551884&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c2c6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CampaignCodes=&_ts=1557138551884&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c2f6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Country=&_ts=1557138551884&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c326341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
101 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Activity.Name=&_ts=1557138551884&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c346341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GenericEvents=&_ts=1557138551885&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c366341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.CurrencyCode=&_ts=1557138551885&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c386341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.OrderId=&_ts=1557138551885&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c3b6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Drug.CompanyName=&_ts=1557138551885&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c3c6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.IsPremiumMonograph=false&_ts=1557138551886&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c3e6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
95 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GatingType=section%3Anone&_ts=1557138551886&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c3f6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Company=&_ts=1557138551886&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c406341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Discipline=&_ts=1557138551887&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c416341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Asset=&_ts=1557138551887&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c426341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
166 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PublishDate=&_ts=1557138551887&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c446341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Curation=false&_ts=1557138551888&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c456341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
101 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.WordCount=0&_ts=1557138551888&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c476341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Company=&_ts=1557138551888&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c486341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CompanySize=&_ts=1557138551889&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c496341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.CreditType=&_ts=1557138551889&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c4a6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.ActivityResult=&_ts=1557138551889&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c4b6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.NumberofAdCalls=11&_ts=1557138551889&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c4d6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.ProductsInCart=&_ts=1557138551889&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c506341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section1=home&_ts=1557138551890&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c556341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section2=home%3Asecurity%20news&_ts=1557138551890&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c566341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section3=home%3Asecurity%20news%3Aransomware&_ts=1557138551890&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c586341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section4=&_ts=1557138551890&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c5b6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Tags=&_ts=1557138551891&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c5c6341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Categories=ransomware&_ts=1557138551891&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c636341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/
35 B
95 B
Image
General
Full URL
https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1557138550919&event=gtm.js&gtm.uniqueEventId=2&_ts=1557138551891&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=2667d42f2a68aa694f03b881af943ebd&_getid=t&_v=2.0.0&_ca=jstag1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
via
1.1 google
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d2a458d7c646341-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
ads
securepubads.g.doubleclick.net/gampad/
12 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fleaderboard_top&sz=728x90%7C970x250&scp=pos%3Dleaderboard_top&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3Dd94f57f440db0e41%3AT%3D1557138551%3AS%3DALNI_Ma8dCkapcbZrcbTED8TIBTzTcgpSw&cookie_enabled=1&bc=15&abxe=1&lmt=1557138551&dt=1557138551934&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=193&ady=194&adk=380034999&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=64&icsg=152282360446976&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x106&msz=1200x90&blev=1&bisch=1&psts=Cj4IgejZP-gB1K_hi4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAuXOpp1R0QLfkbIwe5SIBw&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
4929f0b2ac68b303c0df6ab56d49cd654b37d907493ef35609d8bdb33c49dfb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5638
x-xss-protection
0
google-lineitem-id
133590745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138267978399
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pathfora.min.css
c.lytics.io/static/
20 KB
3 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 02 May 2019 23:26:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
content-encoding
br
cache-control
public, max-age=14400
cf-ray
4d2a458dccc16341-FRA
expires
Mon, 06 May 2019 14:29:11 GMT
config.js
c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/
4 KB
1 KB
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f69523a4d8baab33dcf7b1107992903b09e468fb1427d48aa5d7ad70b27ae0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:11 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=14400
cf-ray
4d2a458dccbe6341-FRA
expires
Mon, 06 May 2019 14:29:11 GMT
match
polo-v1.feathr.co/v1/analytics/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5cd00c7714baa30001d028f8&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5cd00c7714baa30001d028f8&gdpr=0
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=5cd00c7714baa30001d028f8&ttd_id=d2612309-512e-42b8-a980-a0e511746fc8
43 B
326 B
Image
General
Full URL
https://polo-v1.feathr.co/v1/analytics/match?f_id=5cd00c7714baa30001d028f8&ttd_id=d2612309-512e-42b8-a980-a0e511746fc8
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.96.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-96-203.compute-1.amazonaws.com
Software
nginx/1.15.9 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
server
nginx/1.15.9
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
image/gif
status
200
cache-control
max-age=0,no-cache,no-store
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
x-aspnet-version
4.0.30319
location
https://polo-v1.feathr.co/v1/analytics/match?f_id=5cd00c7714baa30001d028f8&ttd_id=d2612309-512e-42b8-a980-a0e511746fc8
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
crumb
polo.feathr.co/v1/analytics/
43 B
325 B
Image
General
Full URL
https://polo.feathr.co/v1/analytics/crumb?cb=1557138552073&a_id=5c2d2a2366bba411c7d26e37&f_id=5cd00c7714baa30001d028f8&ses_id=5cd00c778565fd374f61376b&flvr=page_view&loc_url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.96.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-96-203.compute-1.amazonaws.com
Software
nginx/1.15.9 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
server
nginx/1.15.9
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
image/gif
status
200
cache-control
max-age=0,no-cache,no-store
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame A521
0
58 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1PptvKAL1YYaGiEHuzhoSVH84LTGSs3lbl69oG7dkAdb0sVOOp2glWLCAC1HLFONIAXltJ91T4BlT_FMZacislXqokKaHM2kr_ly_AeYY4P0cM6RIxcDy0wFCWkiTo5TdGZyBC-PjekNYBcLd2jSLndVUfL2u436tsuHaMwwlvtC91YfJf6uKSzzKD2DvaIzIGpVmM_N7W-FMuiLMJbPka-A8tTdeNLWI1FU3338I45kPhMg37mtWXcXaPvBO7HCV5sUS43DVszIbYlrEabKrNJhW3fIM4Msq03H8p_fh_5Gbxfw&sai=AMfl-YS0OeIMikiFN59Op_SKot8q_jEkWIorJ0SwGKZ_qKGGeQhmuQLQLZYLJl_YVfJK6miUCGrBuGNvEI_7KUaXtDS1GP8bWC4MUdiL7qjMpTHySddV-LhP9kB1GNIE&sig=Cg0ArKJSzG5Ch-sdpzffEAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 May 2019 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
m_window_focus.js
tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/ Frame A521
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/m_window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 29 Apr 2019 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1056
x-xss-protection
0
server
cafe
etag
10388620150615422707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 18:28:47 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame A521
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1556617735866586"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28690
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:12 GMT
l
www.google.com/ads/measurement/ Frame A521
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhFKQXCk3eAgto36mOZkV5dkCbqc12XVJYps9UoBSoDHnm2ZEe2SoFVd9nbQIQQFuxkew0rMl0wOGmFsQfnxihre6_Gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

init-140r6opg3f7b3b5fypx.js
api.b2c.com/api/ Frame A521
13 KB
5 KB
Script
General
Full URL
https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943386&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138267978399&sid=Ransomware
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:bd1a:4974:a807:5cd6 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
a107ec2c723ea68a79b9fc15751ef599cb4c64c9e7248a97ac0663120620f3ac

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
3580783640350917538
tpc.googlesyndication.com/simgad/ Frame A521
27 KB
27 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3580783640350917538
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
53d78dee3847d3cf7906308195ed873de28dfeb682598827a766f9f94baad6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 19 Apr 2019 19:36:16 GMT
x-content-type-options
nosniff
age
1435976
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27278
x-xss-protection
0
last-modified
Fri, 19 Apr 2019 19:31:11 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Apr 2020 19:36:16 GMT
ads
securepubads.g.doubleclick.net/gampad/
11 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fleaderboard_bottom&sz=728x90%7C970x250&scp=pos%3Dleaderboard_bottom%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3Dd94f57f440db0e41%3AT%3D1557138551%3AS%3DALNI_Ma8dCkapcbZrcbTED8TIBTzTcgpSw&cookie_enabled=1&bc=15&abxe=1&lmt=1557138552&dt=1557138552189&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3263&adk=4131241673&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=64&icsg=609129441787904&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3052&msz=1585x90&blev=1&bisch=1&psts=Cj4IgejZP-gB1K_hi4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAuXOpp1R0QLfkbIwe5SIBw%2CCj4I2d3ZP-gBn9Wni4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAApqQtJ1R0QIoVnZFgOsAIA&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
c1b65019a24d682764b614da8c785d16039049c90b619d7d053420dc39c6cbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5548
x-xss-protection
0
google-lineitem-id
133590745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265148264
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A521
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffeb34448f827fdf91755e6b7d08837ccde47f516b7b6f12a3e94f6f05d33300

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
4
api-54-184-89-98.b2c.com/api/
43 B
438 B
XHR
General
Full URL
https://api-54-184-89-98.b2c.com:444/api/4?8EndfCXsGPt4f508
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.89.98 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-184-89-98.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
null

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1
x
api-54-184-89-98.b2c.com/api/
0
363 B
Other
General
Full URL
https://api-54-184-89-98.b2c.com/api/x?8EndfCXsGPt4f508$YWRibG9jayQ3ODAkMA
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5800:5f6f:fa07:5509:9db2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:12 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
ad.gif
api-54-191-148-31.b2c.com/api/ Frame A521
43 B
233 B
Image
General
Full URL
https://api-54-191-148-31.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 3641
0
49 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtElhAlWQKNk0kUMJWcFFrP3VkGG4NgxLQGA5lrXhFfoVxSKFaG3GtV0vYLW8caRVeSJiQvvoWgcek7jfZQx16Y7roNldkZRadvHAT_Rz14mkdDmysXxu_cX5qcApTsGzru1Swch5j8QDZPxBV1gyzqvrrcsQNJH57GmepYp3m5SeP_RYuGgYxkZop7E1gER0Sek_zhZWFWCv6vkUAFQwOi8nClvhm0QeQFXM4aTIq0zwqf9RzEibnlwL_5EKpXfJtVkasuO40JBa28Q22SMa8TZmUWFb2CnsPnfCRuqoYHLRh--dioXE&sai=AMfl-YQ5nl46OWKgiDhrtWzR3z8ad_AoeXywmLYWZPOQmEAaexHIckbJhN2w1Gc9qiNJezkRy6CPQuK-PsZdQs8Wjklc6DEFSz8MOY08DXnDr03OeO-2eeTADQRnaNBu&sig=Cg0ArKJSzAAdnDE-M__MEAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 May 2019 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
m_window_focus.js
tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/ Frame 3641
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/m_window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 29 Apr 2019 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1056
x-xss-protection
0
server
cafe
etag
10388620150615422707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 18:28:47 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 3641
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1556617735866586"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28690
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:12 GMT
init-140r6opg3f7b3b5fypx.js
api.b2c.com/api/ Frame 3641
12 KB
5 KB
Script
General
Full URL
https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943563&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138265148264&sid=Ransomware
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:bd1a:4974:a807:5cd6 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
89ebd00b37e36b9293f402be4c4e45ee58c3b315646b4c9c2897eca60e86bcca

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
9114999926211450122
tpc.googlesyndication.com/simgad/ Frame 3641
45 KB
45 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9114999926211450122
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f1d70809c8ac5942aa10f19fac6c7e9df3fc62629e99243659f9f851204da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 16:07:42 GMT
x-content-type-options
nosniff
age
3867690
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
45864
x-xss-protection
1; mode=block
last-modified
Fri, 22 Mar 2019 15:59:47 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Mar 2020 16:07:42 GMT
ads
securepubads.g.doubleclick.net/gampad/
13 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fbox_1&sz=300x250%7C300x600%7C300x1050&scp=pos%3Dbox_1%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3Dd94f57f440db0e41%3AT%3D1557138551%3AS%3DALNI_Ma8dCkapcbZrcbTED8TIBTzTcgpSw&cookie_enabled=1&bc=15&abxe=1&lmt=1557138552&dt=1557138552415&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=300&adk=3876327918&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=63&icsg=609129441787904&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&psts=Cj4IgejZP-gB1K_hi4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAuXOpp1R0QLfkbIwe5SIBw%2CCj4I2d3ZP-gBn9Wni4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAApqQtJ1R0QIoVnZFgOsAIA%2CCj4I2d3ZP-gB6Pb6iYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAsuRtJ1R0QL9x0t_yzDSHg&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e780161d7385afdbd4a7988ee9915a9ae6dc77e6d447d6c73bb3547dfe0010ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
6046
x-xss-protection
0
google-lineitem-id
133590745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138267978150
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3641
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d195cf6b23dd3271d9bcd9b629dbb3746365496cc1bf475e9dcdbf4eeb34fcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
ad.gif
api-54-184-89-98.b2c.com/api/ Frame 3641
43 B
233 B
Image
General
Full URL
https://api-54-184-89-98.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5800:5f6f:fa07:5509:9db2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
4
api-54-191-148-31.b2c.com/api/ Frame A521
Redirect Chain
  • https://api-54-191-148-31.b2c.com/api/x?3x8OQNGZdzJUQnFf$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczov...
  • https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
0
-1 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158

Redirect headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Location
https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158
view
securepubads.g.doubleclick.net/pcs/ Frame F73A
0
58 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrQ1jeI5JknErfg__Au1AhI4fqDXbeZZrkOs7XVKbqKJMH6P9WaPMQ66qU_Or_osRU1NGpi6akG0UxZhIX1mrv-om8_qE75HFXA7o_mkW8BWT0o7ZVvaQaVUYQ0x6-xRsAIJN55OA-h3ptJX9R_gKldTzBft_KYtVH0N6BH5WrZJW7adZRiz5L9qiQjPazDimLaLijocyzyPA19ybpfelgUhDPrLHr5OQmiyuhuCVmpf4fWrMl8Ctf67UjGVda2pSh0he9YkjJve1a4aalL4piSNw8TtZnvUHf-Q&sai=AMfl-YSslUgheO9B4FoC3foN69h7MV9JeKmK7G_yg6iGF7xm_uf2Egn_ahKZ84ac5mBG9YpzCW-QAQMEfmQog-KjxHz3VS-KhmnhFLD_5YeNJWYR3ziYcJgeEOJ8_60H&sig=Cg0ArKJSzKUVgoNmCYf3EAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 May 2019 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
m_window_focus.js
tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/ Frame F73A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/m_window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 29 Apr 2019 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1056
x-xss-protection
0
server
cafe
etag
10388620150615422707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 18:28:47 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F73A
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1556617735866586"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28690
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:12 GMT
init-140r6opg3f7b3b5fypx.js
api.b2c.com/api/ Frame F73A
12 KB
5 KB
Script
General
Full URL
https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804722027&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138267978150&sid=Ransomware
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:bd1a:4974:a807:5cd6 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
40a570d358ecbb5ba91dc4c819c5747455c0dea4cc7fdb0932da963fd4c0ca59

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
16063218335237153731
tpc.googlesyndication.com/simgad/ Frame F73A
23 KB
23 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16063218335237153731
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
18bae609c41725c05dd41403b0dd2e79f4e764396c4389b0d952c3827afbd5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 19 Apr 2019 22:15:39 GMT
x-content-type-options
nosniff
age
1426413
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23657
x-xss-protection
0
last-modified
Fri, 19 Apr 2019 19:31:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Apr 2020 22:15:39 GMT
ads
securepubads.g.doubleclick.net/gampad/
11 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1257841207854275&correlator=118669874334714&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21062151%2C21063195%2C21063452%2C21063505%2C370204058&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fbox_2&sz=300x250%7C300x600&scp=pos%3Dbox_2%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3D%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3Dd94f57f440db0e41%3AT%3D1557138551%3AS%3DALNI_Ma8dCkapcbZrcbTED8TIBTzTcgpSw&cookie_enabled=1&bc=15&abxe=1&lmt=1557138552&dt=1557138552645&dlt=1557138549770&idt=1014&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=1251&adk=3758827009&uci=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=63&icsg=609129441787904&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&blev=1&bisch=1&psts=Cj4IgejZP-gB1K_hi4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAuXOpp1R0QLfkbIwe5SIBw%2CCj4I2d3ZP-gBptOni4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAuvOpp1R0QJmqh0ElTWWew%2CCj4I2d3ZP-gBn9Wni4MEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAApqQtJ1R0QIoVnZFgOsAIA%2CCj4I2d3ZP-gB6Pb6iYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACm5G0nVGAAsuRtJ1R0QL9x0t_yzDSHg&ga_vid=1287632925.1557138551&ga_sid=1557138551&ga_hid=1800705892&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
5aced2b3331b2abecc4c90344deb3404bcd1bbfe304ad95b89df40b6b9265db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5497
x-xss-protection
0
google-lineitem-id
133590745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265445734
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F73A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
944abccb9d9fdc2a6c1e9d4c9f4726f6da80635378dab20c7786d0e4dad4baad

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8477
0
50 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaa7XEiyaTK26-KCBkZ_Cz3P2cgAeBzwUaA1ZWfVc3T-vrjK2okFzQV5d5LFVSpdBouvYerxWeTdPAtEJxHUPGiGhL-oB1dTXbZrKicykt_8t8HO67ZvuZMHuDOAjBCKYIqQwjhvcdjn-lQPtgJlnRd9GWeGVUN0D0LmrORwx6xtGNfFA6nZl0JX3s-HL6xuWRFKOTBoTGHYO8Mz5JhcO97ljWU1CGOV0H_IBU-23fL9Adxg6VXf5JdScSsixeYz1QGGSHYOVN3gLjvh85VGEXGNxOP0KyKh44AA&sai=AMfl-YSzByI0tzD79oXBv0uJHzRT1IlIx8LIzV6LB9xPpiYd0h8R1nDrYwRSwOTrh0fw9BajvzBAycSUn_0XYu_OFleiGLQRvoAxs2Hz6JmHM5yN87WOP52s9iiDYL9x&sig=Cg0ArKJSzDOymCgn00G9EAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 May 2019 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
m_window_focus.js
tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/ Frame 8477
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190429/r20110914/client/ext/m_window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 29 Apr 2019 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1056
x-xss-protection
0
server
cafe
etag
10388620150615422707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 18:28:47 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8477
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1556617735866586"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28690
x-xss-protection
0
expires
Mon, 06 May 2019 10:29:12 GMT
init-140r6opg3f7b3b5fypx.js
api.b2c.com/api/ Frame 8477
13 KB
5 KB
Script
General
Full URL
https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943389&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138265445734&sid=Ransomware
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:bd1a:4974:a807:5cd6 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
d5c1b6eb1056a7d5ede46dddbc144cb3fb6e796e2247e9dc91f0e6271599e520

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:12 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
8790994904754568457
tpc.googlesyndication.com/simgad/ Frame 8477
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8790994904754568457
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f78a10cfffe095c1c649948bdc73c4fcb44f54d7648c592b814090a9ce8afce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 16:07:43 GMT
x-content-type-options
nosniff
age
3867689
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
37120
x-xss-protection
1; mode=block
last-modified
Fri, 22 Mar 2019 15:59:48 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Mar 2020 16:07:43 GMT
ad.gif
api-54-191-148-31.b2c.com/api/ Frame F73A
43 B
233 B
Image
General
Full URL
https://api-54-191-148-31.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
4
api-54-184-89-98.b2c.com/api/ Frame 3641
Redirect Chain
  • https://api-54-184-89-98.b2c.com/api/x?VPkcj1lx6A3hD6bL$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL...
  • https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
0
-1 B
XHR
General
Full URL
https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5800:5f6f:fa07:5509:9db2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158

Redirect headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Location
https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158
truncated
/ Frame 8477
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83cfe1354d6d5b7d4e6d518182c014272f2475271b43926a2916f87ae2e8c792

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
ad.gif
api-54-191-148-31.b2c.com/api/ Frame 8477
43 B
233 B
Image
General
Full URL
https://api-54-191-148-31.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
4
api-54-191-148-31.b2c.com/api/ Frame F73A
Redirect Chain
  • https://api-54-191-148-31.b2c.com/api/x?mgT6cNhIzhyWX4cO$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczov...
  • https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
0
-1 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158

Redirect headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Location
https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158
4
api-54-191-148-31.b2c.com/api/ Frame A521
43 B
438 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?3x8OQNGZdzJUQnFf
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.148.31 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-191-148-31.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
null

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1
x
api-54-191-148-31.b2c.com/api/ Frame A521
0
363 B
Other
General
Full URL
https://api-54-191-148-31.b2c.com/api/x?3x8OQNGZdzJUQnFf$YWRibG9jayQ2NzQkMA
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
4
api-54-191-148-31.b2c.com/api/ Frame 8477
Redirect Chain
  • https://api-54-191-148-31.b2c.com/api/x?fOarLYOAK2q939xt$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczov...
  • https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
0
-1 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158

Redirect headers

Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Location
https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
158
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame F73A
47 KB
18 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
02cef7eaa1df7b16233b383d680e389a39e90c3967c1817b610efa22f6f32d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 09:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3191
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
18169
x-xss-protection
0
server
cafe
etag
6720522009277121603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 06 May 2019 10:36:02 GMT
csi
csi.gstatic.com/ Frame F73A
0
57 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~jvc839ap&chm=1&ctx=2&gqid=eAzQXO_FGqTA1fAP3PSiaA&qqid=CNOho5LZhuICFbZdFQgdZ7oJTQ&met.3=197.1e~123.1d_2~118.1g~118.2s~118.5t~118.8g~118.bu~118.eo~118.hh~117.hx~118.hx~113.ib_3~112.ia_4&met.4=lb.1f~ol.hx~idt.ly~dt.-68&met.1=1.jvc838sf~14.0~15.0~16.0~17.0~18.0~19.0~20.hx~21.hx~22.t~23.t&met.7=CCIQBBgBIAIoAjAhOB9oA3AgeDqwAQG4AQM~CB4QChgBIAIoAjAJOAdoA3AJeOcIgAGgCIgBrRKwAQG4AQM~CCoQChgBIAMoAzAsOCk~CBsQCiADONsB~CBcQBhgBIAMoAzALOAhoBHAKeO65AYAB6bgBiAHpuAGwAQG4AQM~CBsQBiDtATiRAw~CCgQChgBIIYFKIYFMI8FOAhohwVwjgV4hI8BgAH5jQGIAZn2ArABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A521
42 B
113 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlOZfJz0YH3BiJNIE3dDKo3DbUnxslXwPYPpK_tLffPUoLdBeirfW9LhqoIq2ipMhKwt8bh-EevsXiJ2lga7B9kLMqPanjYCM8Ju5IR5c&sig=Cg0ArKJSzGMj4TrjxG0eEAE&adk=380034999&tt=-1&bs=1585%2C1200&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&p=194,429,284,1157&mcvt=1059&rs=3&ht=0&tfs=936&tls=1995&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1557138552192&rpt=50&isd=0&msd=0&lm=2&geo_mode=0&oseid=3&xdi=0&ps=1585%2C3850&ss=1600%2C1200&pt=-1&deb=1-1-5-12-19-17-56-18&tvt=1982&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=6&clc=1&cac=0&cd=728x90&v=20190429
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4
api-54-191-148-31.b2c.com/api/ Frame F73A
43 B
438 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?mgT6cNhIzhyWX4cO
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.148.31 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-191-148-31.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
null

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1
x
api-54-191-148-31.b2c.com/api/ Frame F73A
0
363 B
Other
General
Full URL
https://api-54-191-148-31.b2c.com/api/x?mgT6cNhIzhyWX4cO$YWRibG9jayQ0MTgkMA
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:14 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
4
api-54-184-89-98.b2c.com/api/ Frame 3641
43 B
438 B
XHR
General
Full URL
https://api-54-184-89-98.b2c.com:444/api/4?VPkcj1lx6A3hD6bL
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.89.98 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-184-89-98.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
null

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1800705892&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20new...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_gid=157577192.1557138553&gjid=314138323&_v=j73&z=1209078573
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573&slf_rd=1&random=4113001580
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573&slf_rd=1&random=4113001580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1287632925.1557138551&jid=2049429992&_v=j73&z=1209078573&slf_rd=1&random=4113001580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src.svg
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/
33 KB
11 KB
XHR
General
Full URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Requested by
Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1556102413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com

Response headers

x-type
static/known
date
Mon, 06 May 2019 10:29:13 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 10:40:13 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5cc03d0d-8317"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
collect
www.google-analytics.com/
35 B
110 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1800705892&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fransomware%2F&el=25%25&ev=25&_u=aGjAAAADQ~&jid=&gjid=&cid=1287632925.1557138551&tid=UA-1290429-10&_gid=157577192.1557138553&gtm=2wg430W475TQW&z=1700781568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 03:28:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5036468
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
4
api-54-191-148-31.b2c.com/api/ Frame 8477
43 B
438 B
XHR
General
Full URL
https://api-54-191-148-31.b2c.com:444/api/4?fOarLYOAK2q939xt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.148.31 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-191-148-31.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
null

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1
x
api-54-191-148-31.b2c.com/api/ Frame 8477
0
363 B
Other
General
Full URL
https://api-54-191-148-31.b2c.com/api/x?fOarLYOAK2q939xt$YWRibG9jayQ0MzYkMA
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:3269:ebc1:b682:b66d , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
Origin
https://www.scmagazine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 06 May 2019 10:29:13 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame F73A
42 B
113 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKEy4a5TdF5YJ06QT0APiYcj6FAPT9qig4VzmqicgtbmMEPYc7eKYUhQY_nymERb49zzsno-pbbA60Dtu2wDavKZ2SNPapLAh726HA-7g&sig=Cg0ArKJSzDUPBtY_EwZ1EAE&adk=3876327918&tt=192&bs=1585%2C1200&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&p=300,1053,550,1353&mcvt=1038&rs=3&ht=0&tfs=1364&tls=2402&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1557138552649&rpt=41&isd=0&msd=0&lm=2&geo_mode=0&oseid=3&xdi=0&ps=1585%2C3850&ss=1600%2C1200&pt=2211&deb=1-1-5-16-23-17-77-22&tvt=2389&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=6&clc=1&cac=0&cd=300x250&v=20190429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2019 10:29:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413
Domain
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
URL
https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask number| pamEnabled object| hmAds object| dataLayer undefined| $ function| jQuery function| cookie function| UtilityMove object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| googletag object| dfpAdSlots object| mapping object| adSlotsConfig object| allowedSlots object| hmRegisteredAds boolean| hmAdsLazyload number| hmAdsActiveRefresh boolean| hmAdsCommentsHouse boolean| hmDmdAimEnabled boolean| hmAdsActiveRefreshAll boolean| hmAdsBoxReposition boolean| hmAdsLytics object| adSlots number| adDebug object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| countVars string| disqus_shortname function| maropostInitTracking string| name_funnel function| _132510 string| name_funnel1 function| _13251 object| google_tag_manager object| hm_localize object| hm_gated string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| _sf_async_config function| retry function| isIE10OrLater function| detectPrivateMode undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| TenUp object| liosetup object| jstag object| hmAuthNoncePromise object| hmRegisterPrompt object| adblockDetector object| pageVars object| google_tag_data object| gaplugins object| gaGlobal object| wp number| google_unique_id object| google_reactive_ads_global_state object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| feathr function| FeathrBoomerang object| CE2 string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store function| __jstag_onload undefined| initObj string| ly_cid function| webpackJsonp object| _ml object| google_optimize object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired undefined| feathr_account_id object| __feathrs function| __feathr function| __$PP boolean| initialized function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| lio object| dataLayerService function| HMIRegistration function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called object| optimizely object| DISQUSWIDGETS undefined| disqus_domain object| pathfora object| gtm string| string1 string| string2 string| string3 string| string4 string| string5 string| string6 string| string7 string| string8 string| string9 string| string10 number| lySegmentCounter string| result string| key function| checkForCPNSegments function| logit

0 Cookies

30 Console Messages

Source Level URL
Text
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413(Line 1)
Message:
[ABD] start beginTest
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413(Line 1)
Message:
[ABD] adding bait node to DOM
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413(Line 1)
Message:
[ABD] start beginTest
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413(Line 1)
Message:
[ABD] adding bait node to DOM
console-api log (Line 6)
Message:
checkForCPNSegments(module_115_022818_priority_2_sc_paid_subscription)
console-api log (Line 6)
Message:
checkForCPNSegments(ce_no_usa)
console-api log (Line 8)
Message:
logit -all
console-api log (Line 6)
Message:
checkForCPNSegments(all)
console-api log (Line 6)
Message:
checkForCPNSegments(smt_new)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_has_visited_web)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_multi_session_visitor)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_last_visit_within_day)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_last_visit_within_week)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_last_visit_within_month)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_reporting_last_visit_within_3_months)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_unknown_email)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_repeat_visitor)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_international_visitor)
console-api log (Line 6)
Message:
checkForCPNSegments(ly_uses_desktop)
console-api log (Line 6)
Message:
checkForCPNSegments(ce_unknown_1000plus)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_063017_priority_3_sc_reboot_17_industry_innovators)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_21_073117_priority_2_817_thycotic)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_081717_priority_3_surviving_ransomware_28)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_090717_priority_2_surviving_ransomware_41)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_56_092717_priority_3_threat_management_eb)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_74_103017_priority_2_threat_management_eb)
console-api log (Line 6)
Message:
checkForCPNSegments(sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86)
console-api log (Line 5)
Message:
OK
console-api log URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1556102413(Line 1)
Message:
[ABD] exiting test loop - value: false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
api-54-184-89-98.b2c.com
api-54-191-148-31.b2c.com
api.b2c.com
api.lytics.io
c.lytics.io
cdn.feathr.co
content.maropost.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
marco.feathr.co
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.mathtag.com
polo-v1.feathr.co
polo.feathr.co
ps.eyeota.net
px.ads.linkedin.com
s3.amazonaws.com
scmagazineus.disqus.com
script.crazyegg.com
securepubads.g.doubleclick.net
snap.licdn.com
static.chartbeat.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tags.bluekai.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.scmagazine.com
33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com
143.204.214.92
151.101.120.134
172.217.23.130
18.195.251.148
2.21.37.45
2600:1f14:e96:5800:5f6f:fa07:5509:9db2
2600:1f14:e96:5802:3269:ebc1:b682:b66d
2600:1f14:e96:5802:bd1a:4974:a807:5cd6
2600:9000:200d:5600:18:1fcd:349:ca21
2600:9000:200d:c200:1b:fadc:b780:93a1
2606:4700:20::6819:5365
2606:4700:20::6819:f863
2606:4700::6813:9408
2620:109:c002::6cae:a0a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::2003
2a00:1450:4001:817::200a
2a00:1450:4001:819::2001
2a00:1450:4001:81f::200e
2a00:1450:4001:821::2002
2a00:1450:4001:821::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c07::9c
2a02:26f0:6c00:28c::25ea
2a05:f500:11:101::b93f:9005
34.196.212.82
34.196.223.248
34.235.53.91
34.242.41.222
34.95.92.78
35.227.192.113
38.126.130.202
52.216.128.141
52.5.96.203
52.86.64.17
54.154.211.245
54.171.224.12
54.184.89.98
54.191.148.31
94.31.29.64
95.101.194.150
02cef7eaa1df7b16233b383d680e389a39e90c3967c1817b610efa22f6f32d22
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
044be58593967df0304de991b9e7ff63cd46655890e6d6350c79018b5343a77f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07e7c0ff59e33d2cb36c7d2a30c4107a9759a550fd5d0118eba4ae776467f950
098743ea606dd806c2f270b0c0755b76d7b132137855ae829e3c84d425ad74f7
0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a
0f7f1d70809c8ac5942aa10f19fac6c7e9df3fc62629e99243659f9f851204da
12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033
17662c5be704891af65aba3b8b24053e2ec25b3733e07d96b8567237405b5a8c
18bae609c41725c05dd41403b0dd2e79f4e764396c4389b0d952c3827afbd5db
1d90939dba16916ae487a09245dfb95ea74654b16d67d90e2621e3ac0be0cef0
1fedeea2414aa110b9a105916a2479e93cc7e35a70d56612c34ce9df7fe03600
2021090a16dfd63c9098cfd3235755b4cc700f20268a9f12e07498417b5ad778
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21659a119a8c1723c186e29f0ad990ff6271168797ff34a4757b1d55728664e3
227c4cdbdd59fc06aea14f495bd4909d9fc1fb9db12595d12a18beefcbe65a0e
2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00
2b63a484e50b0887ede8571126709a164efc6d3647d5982fb520098be0b6a888
2bf96ddd3980547587d2dbb32c14e3892b59c5fc8b13b7e8dd14c0f71cf99628
33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723
3464c645a0c4fe4ff460238ef3a56ccf503c45481c8083173b6aab7a42f6a5d1
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
40a570d358ecbb5ba91dc4c819c5747455c0dea4cc7fdb0932da963fd4c0ca59
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4929f0b2ac68b303c0df6ab56d49cd654b37d907493ef35609d8bdb33c49dfb4
4b4bb336bc36d07f7cdc5cc26fa3547a543d64406f4b2364b53e9a1c1cd90311
53d78dee3847d3cf7906308195ed873de28dfeb682598827a766f9f94baad6dc
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
59b3a8ce3d8de5757bc9b97e1ab474a0d3a1234c3c874c491948186c78bd34cf
5aced2b3331b2abecc4c90344deb3404bcd1bbfe304ad95b89df40b6b9265db0
5db1bece372cbf6ce7ba944b437e9eae7c9462fc1d0af290e2804a9b7df41728
5ed2c77a12d6be1eb2ca8462376dc9bc53fb4fae1585b1c83aa039c430c7db55
6373dd3d6205ea9cdaf87cb61d30245411b2aaaf971efe1ff432e54741a4fddd
64c0f386e23546b11ab28e437684f0ea24cd9e538978c492d8afcb6af9444bc4
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d195cf6b23dd3271d9bcd9b629dbb3746365496cc1bf475e9dcdbf4eeb34fcd
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
6f0e697e19c9264d7bde41e92f70f4e031501562c1112aa0cd1ce7782361ce11
70e2427de189d09cb1a09e1f852d2d845eb586b8de7b11a7efde38d6b8462e31
7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987
775b77a13374329ce5097c8d46dad99a81680ddd00fe4d7a685832074cb17491
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7eff8563aa767c7f2ab4b5e066414c02f091480a7530a2fe19ab9da8f53e82e2
80645e47680838cf12e3d997332f320e6d91c4fd46ed7c6f1c48590499006695
81e45cca393b1656b213e8f0e12e9acd735929f5c0313d8d1791a42262a68e38
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cfe1354d6d5b7d4e6d518182c014272f2475271b43926a2916f87ae2e8c792
83f69523a4d8baab33dcf7b1107992903b09e468fb1427d48aa5d7ad70b27ae0
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
87f07c950fc6225d6186aecfc5a59b2de45724dd85fceb1dc736c081294279c0
89ebd00b37e36b9293f402be4c4e45ee58c3b315646b4c9c2897eca60e86bcca
8acc380a80d055662dc58a84fb8d051e47fca4a2f86b99d7e04e6f75561557b3
8baed99ba6bd164b0e13382da25941e798c767a71431300c12ba5328ea9a127b
8cad642d5009d9f538c20ce327532bea1a130c019fae995d6d37da325626347d
8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856
94308b25a82c6c94b07808115e379e4f4151bde0c44100015cda9cb1c5cdb0e7
944abccb9d9fdc2a6c1e9d4c9f4726f6da80635378dab20c7786d0e4dad4baad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a107ec2c723ea68a79b9fc15751ef599cb4c64c9e7248a97ac0663120620f3ac
a840b692909bd0d8e943c0c3d8f76b2ceba1abba6dce560f44ded11c19b8855f
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c1185cb3e5019a69dafdda3080d6e8f9d3d6a6c87942a7c4ddc31438fd205ea3
c1b65019a24d682764b614da8c785d16039049c90b619d7d053420dc39c6cbff
c7f13a468d60a65004bc637fcb7ebff7d7a4997384086921e2dc958a8e29eca5
ce48b56b01494add2ac61f03dc9ebed9afa5ca880bac8122bdc12637e775a326
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe0a4e83927b1dbabba7682082338520b9a150ce2c51ae2298638bc52ed3deb
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d5c1b6eb1056a7d5ede46dddbc144cb3fb6e796e2247e9dc91f0e6271599e520
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e20081a9e7faba9195f8e999fc4ea1a614bbdbb22b8cc219a7d742f767aa23d2
e38c283cf693ccc86f81942e7cae20849f0cfd639bfd5e7362677d91e8f0d4b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e078b242c478fb2a0d2e8d1b21dabc9cf8ab15a33d82a8b18a81570ecde26
e4a96fc72b3ccb154010e860d52711beddc6fbbd5c76e56c48a26464043c3414
e780161d7385afdbd4a7988ee9915a9ae6dc77e6d447d6c73bb3547dfe0010ae
e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
e8cc1bea13a89334c12383cb26594a1e27901916a8b5abefc40f1875b3cf2c90
e9d73357762106b18f76b3928abdb163ed12ce82ea8f813437b05b13bb4c9551
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f532d62797e0a52322a5bd0820339315268535b757038d29244c345bd251452e
f78a10cfffe095c1c649948bdc73c4fcb44f54d7648c592b814090a9ce8afce8
fabf72e32ab595f617a78bba18d0372a6781e78933487a35c9a96839e1ee125e
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
ffeb34448f827fdf91755e6b7d08837ccde47f516b7b6f12a3e94f6f05d33300