www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W...
Effective URL:
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medi...
Submission: On October 08 via api (October 8th 2020, 1:29:05 am UTC) from SG

Summary HTTP 247 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 36 domains to perform 247 HTTP transactions. The main IP is 50.56.167.254, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.bankinfosecurity.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 16th 2020. Valid for: a year.

This is the only time www.bankinfosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:83b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
80	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	104.130.251.6 104.130.251.6	33070 (RMH-14) (RMH-14)
17	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1 8	34.249.122.179 34.249.122.179	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:2b0... 2a02:26f0:2b00:7b2::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.20.5.43 104.20.5.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.186.208 13.224.186.208	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1480:400... 2600:1480:4000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
3	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
16	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	3.89.179.232 3.89.179.232	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.251.184.34 34.251.184.34	16509 (AMAZON-02) (AMAZON-02)
2 2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	63.33.218.134 63.33.218.134	16509 (AMAZON-02) (AMAZON-02)
2 2	52.210.253.186 52.210.253.186	16509 (AMAZON-02) (AMAZON-02)
1 2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1 4	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	104.20.4.43 104.20.4.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
247	40

2 2606:4700::6811:83b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

contact.alsid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 50.56.167.254 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.bankinfosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2.18.233.88 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.130.251.6 (San Antonio, United States)

ASN33070 (RMH-14, US)

worker.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.249.122.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2b00:7b2::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.20.5.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vue.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.208 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-208.fra2.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1480:4000:e5:: (United States)

ASN33905 (AKAMAI-AMS, EU)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

051-zxi-237.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.89.179.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-179-232.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.184.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.218.134 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-218-134.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.253.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-253-186.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.150 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.4.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	8 MB
32	googlesyndication.com f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	636 KB
32	bankinfosecurity.com www.bankinfosecurity.com	462 KB
17	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	119 KB
9	ml314.com 1 redirects ml314.com in.ml314.com	16 KB
9	googletagservices.com www.googletagservices.com	243 KB
7	google.com adservice.google.com www.google.com	246 B
5	comm100.com chatserver.comm100.com vue.comm100.com chatserver3.comm100.com	249 KB
5	gstatic.com fonts.gstatic.com	46 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	twitter.com platform.twitter.com	31 KB
3	sitescout.com pixel.sitescout.com	458 B
3	disquscdn.com c.disquscdn.com	223 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	twimg.com pbs.twimg.com	7 KB
3	disqus.com bankinfosecurity.disqus.com disqus.com	30 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	basis.net 1 redirects cdn01.basis.net pixel-a.basis.net	1 KB
2	eyeota.net 1 redirects ps.eyeota.net	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1008 B
2	adsrvr.org 2 redirects match.adsrvr.org	928 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	802 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	mktoresp.com 051-zxi-237.mktoresp.com	622 B
2	googletagmanager.com www.googletagmanager.com	71 KB
2	marketo.net munchkin.marketo.net	7 KB
2	alsid.com 1 redirects contact.alsid.com	3 KB
1	google.de adservice.google.de	890 B
1	licdn.com snap.licdn.com	2 KB
1	crazyegg.com script.crazyegg.com	2 KB
1	addthisedge.com v1.addthisedge.com	358 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	820 B
1	bizographics.com sjs.bizographics.com	761 B
1	moatads.com z.moatads.com	1 KB
1	ismgcorp.com worker.ismgcorp.com	408 B
1	googleapis.com fonts.googleapis.com	1 KB
247	36

	Domain	Requested by
32	www.bankinfosecurity.com	contact.alsid.com www.bankinfosecurity.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
20	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net contact.alsid.com www.bankinfosecurity.com
14	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
13	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
10	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
9	www.googletagservices.com	www.bankinfosecurity.com securepubads.g.doubleclick.net
8	ml314.com	1 redirects www.bankinfosecurity.com ml314.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.bankinfosecurity.com
6	www.google.com	securepubads.g.doubleclick.net
6	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.bankinfosecurity.com www.google-analytics.com
4	platform.twitter.com	www.bankinfosecurity.com platform.twitter.com
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
3	pixel.sitescout.com	www.bankinfosecurity.com
3	chatserver3.comm100.com	vue.comm100.com
3	c.disquscdn.com	bankinfosecurity.disqus.com
3	pbs.twimg.com	www.bankinfosecurity.com
3	dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
2	ps.eyeota.net	1 redirects www.bankinfosecurity.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.bankinfosecurity.com
2	disqus.com	bankinfosecurity.disqus.com
2	px.ads.linkedin.com	1 redirects www.bankinfosecurity.com
2	051-zxi-237.mktoresp.com	munchkin.marketo.net
2	www.googletagmanager.com	www.bankinfosecurity.com
2	munchkin.marketo.net	www.bankinfosecurity.com munchkin.marketo.net
2	f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
2	s7.addthis.com	www.bankinfosecurity.com s7.addthis.com
2	contact.alsid.com	1 redirects
1	pixel-a.basis.net	1 redirects
1	cdn01.basis.net	www.googletagmanager.com
1	vue.comm100.com	chatserver.comm100.com
1	in.ml314.com	ml314.com
1	f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	snap.licdn.com	sjs.bizographics.com
1	script.crazyegg.com	dnn506yrbagrg.cloudfront.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	dnn506yrbagrg.cloudfront.net	www.bankinfosecurity.com
1	chatserver.comm100.com	www.bankinfosecurity.com
1	sjs.bizographics.com	www.bankinfosecurity.com
1	bankinfosecurity.disqus.com	www.bankinfosecurity.com
1	z.moatads.com	s7.addthis.com
1	worker.ismgcorp.com	www.bankinfosecurity.com
1	fonts.googleapis.com	www.bankinfosecurity.com
247	56

This site contains links to these domains. Also see Links.

Domain
www.cuinfosecurity.com
www.govinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.com
www.careersinfosecurity.com
www.databreachtoday.com
www.devicesecurity.io
www.fraudtoday.io
www.paymentsecurity.io
www.bankinfosecurity.co.uk
www.bankinfosecurity.eu
www.bankinfosecurity.in
www.bankinfosecurity.asia
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
covid19.inforisktoday.com
www.facebook.com
twitter.com
www.linkedin.com
events.ismg.io
www.twitter.com
www.coveware.com
www.nomoreransom.org
www.kpn.com
www.bleepingcomputer.com
t.co
www.databreachtoday.asia
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
contact.alsid.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
ismg.io Go Daddy Secure Certificate Authority - G2	`2020-04-16` - `2021-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
worker.ismgcorp.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2022-03-28`	2 years	crt.sh
*.comm100.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2022-04-15`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
pbs.twimg.com DigiCert SHA2 High Assurance Server CA	`2020-08-05` - `2021-08-10`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
cdn01.basis.net Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2021-06-12`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 16 frames:

Primary Page: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Frame ID: A2FDDA00B878921C3F6CAA5F9795FD5E
Requests: 177 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4F844B0CB0E1BF6B22D3413DE508583B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2BDB485F955B6A7AB5A8266BB442AD22
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.bankinfosecurity.com
Frame ID: 1F827BB57EAFAEF91587B081907D6093
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1216351931020476417&lang=en&origin=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: 9ABA90B2930F2A8BE4EE890AF466F92E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZShKwTgM0wq6M_QrblJlmrHfEPlDbQfi6Htf_aMTtQirofbn6aj8ZUydTeJjvdh6qdKHu9gO89sWkpOVljNo6iSsxvR0GHtXwEpEHO9Arkc9ZZiHcgf6zol8siXn2VPiCRZKi3EN9IedFIsNAVHw_N0Bmq8ogJZVXCeFhXq_Gp1WQhCSMl_VHGYqnU7W192Ph5Nu_f5ixgvIsP2_WQKqhw34x9ctdTY8-gwHQDl-jQcNDUG983Pkbnybzh_qGqsNTjQuOnfb9fRH4xs7r7Q&sai=AMfl-YSUeOyht9Olo7Dn_WxV3meuabEtKc6vW5YknRUYQEsnCE8Umq0hU6Ph6P9Blw0b8z3K3y0GCrjlfj5vE6p-B0O-8n3tPdiqqcTRC79AXorzx83775sxE6seU4_QCNw&sig=Cg0ArKJSzCmyzUiT9OQiEAE&adurl=
Frame ID: 436609D30ECC026ABEE9FF50E889525E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqn_P-3mQOJJ8gWDE61On5kYd3D1gl70h3QuPhp9p98l4lwXv-YXh6S3K4jJzx6t4vEp6y3FRwF3VFhzKK4xSAToncgpbte2tHrsXvtkLBPP3bquw7XbkIWxVIFQXiS-Gpo8GfOiOlUVnvUCeuWKpPRPvUVzfTU3KM3ThaiDHx5NkiK1UEp8gJbGDNuFPXnVy_Xz99jdblK_39I9uZgupVbSs5_mB2__AuQ9M694VMcaI7XZszO4KI8GjP5XrsrFTjWiUAYI7q_WAuD1BspUTjM2FP&sai=AMfl-YTje3uT_o5V9zwEni9-6w3EDbMCvDjY9_32uolZXODPrkAMsCMwArE4LKoCbHUiYeBtAWK9FT0eZgbgqcKimPllN7GzcnEv27gO61PJxilrD3RbwJcEM_UK9jFmpYM&sig=Cg0ArKJSzKNMnvMYSND7EAE&adurl=
Frame ID: 8384573268006148DF6E55771C1450C4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttx1LrfpBdYQbTZfxzfnbkqBZ0eiEtDPHD5Vv287M6FdWcHJuQmpcoKMdzt7A8FfA_8xmL1r8bmFmHpEEMsHc5t5omwRJTSAUmshdG7lLPxv4Z8MawLzZYDJJws17TY5M_vTYkZXunDAKs20HivDz38khSiZ7fDnxqWFBsRWYAUWKX7CXvd1Xgo4POzZhe-rbhKSKCffZmRBHfF4U8OodaVzE0FyLePDSr2U4pdAQCfTIu3cfDjrxqY0dvnjKjOst3XfNAEpoRAhK3wT_BPky-GWhIEf8&sai=AMfl-YSr7xRXhMynKzqocW3ziKBGNvel_ky6znYLFGtFHBITXs0V0phuW03AHbMMTn14Vt_I_pV7kS0_Y192bxHpjtuzy2XG79HW2J8y1dnvOhOudAlP2zVBGfT8m0gJ8Tg&sig=Cg0ArKJSzBO5EevM7mFKEAE&adurl=
Frame ID: 56A83A62851EE60A7917843DDD2B2BAE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnBV_bbW-7C2tvbf8oi0djNFDKwU3mXxu4pD2_oT49X5pbKtzG3VIKLHdFk4CArR7cOxIqpmlMDZjY2RwTPUNG4fBTNzQFXNmPqbPkpi8qWmqpAeAHE8PeI5vRDeEFigr4ZEa9ZLpYs1dz6amwPZnDlhhdyHSHkg927SvboTotfbJYUC5hPIK6Hk16Evvt0tVDfzBWPDXOBmNxg3Wiez6uIVr3Le2UcEb-UVGC76mtMn6XF-QaPLIiOPTEsjpWD1P9F9v2OSni2MoYLSSE-NMtm7tk&sai=AMfl-YSogSXb8CeTj3l0EufaGtKNB20R9kYdsNEjfGFRBwBbVaeMOsmn6NwPGxhtjdHfMsdpWlr1qepUBxN0ALI9JIrmc6NvF8fH5v8QNx6aHEZRVoQxa5iovbbEayaLdOg&sig=Cg0ArKJSzFZu5GvUef6cEAE&adurl=
Frame ID: 621C8434CAEBDEA182798682C41C4759
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9YvwahtyVu0ZLKPxP2IB7DEzMufc3eh0uu7ar4We7SXFDP3T4oOMEki_4dRr2Rfu2BswesQi9hrqohzriM2C4sXV9qibXsWNdPK1Qzdtr0d9rlyvw-4DyTG4zRJxNQU7MJiPZmgGn0i-iFKCIdLouTRJd7u87PmcPoP9CsKzzzFKCAw-VaDp1fZFmQAg6-lJNfrqDcL4o2vaFadqyTzGPWniWlUoUcHz5CBZXAI1JwyTNpwYknmm77MJZcwkA5xx35-Ilr9EDut8JLm-23muFeDQ&sai=AMfl-YT10hnEwCoQNNxGZFa_l9Pc5a3dssne9VG8Z_Rao2zGW8RoHUu9Xoh23M3V6nvT8gstnp4EDUvDe-O3Tql-AWV-s0H5VlDROFUdKyFIO17dtmDsTb1ZIvh_WEUwXPY&sig=Cg0ArKJSzJmJkLMUTgDgEAE&adurl=
Frame ID: A52C21D1D4ED9BBA65B62884B2F7FB93
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyLKKstUiKa4F07LDlTLdJu6GLjZkKEGiarKmCv9wdXmyayOl4aWn_g-sg09J1BKndNj4aD-pk7Mm9_o2ag8Id9SeKtishxNdaYi23x7CdBNa3y1qGXprKTUrUFvc4xOv-S5z4b7W0BUAe-X3msN6agfxx_BHtQzy3v1hQJFJtChXbAU0YkbaZP0L5mbcfjs0XR468Pwxt8E9fzJFER3b_47M5KSz9nrGGVuUVajxFJijsUk_yVkp8oTJcNywbt4UOd11cBvPoh_ZHtaNX_UQQKw&sai=AMfl-YRqADEuxUHp8qe-K6wgYWarI522bBCF6R77kJkhHVhT5rrlrBtme_eCLFT7xK8A0o6uvi12XQy2mxpQHAdeoX7LLLZxtuqES4n4AzysW12S_MOqhp7-PR44MjEJwn8&sig=Cg0ArKJSzCZcCY33_qkWEAE&adurl=
Frame ID: 818FCA8A9D475694B0353092E92C4996
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudrztzVgg9JPNrplczh9PQZdVB37X43JW78aJrTejvokzOjRU_RvMDjhw-KTv1sNefk5XNP074fm0cxlqweWThbgfauiXSIttqrkTW1MjFYebhajoQ5O9mj9ZBBBEA_i-wUjriAIVQnKPhCXHQ_knAXBfGMEX76KxlIfatHs7BLfw2vRGlNsmGPJ9XoixmlO1kOeImdDfTnxtWL5ab6Dv4WNOqyA3LXuelWv7gN-DkvRabgpxYUD8mlcboagW93H1Rb8kDoH8HFNCQNU8&sai=AMfl-YRgNy4izD62fi1jZWeCM7EIwPS5ADANF3Gv1BhPmM9HCCy0WXj-ZIVIaJhBdkJsQj2upW5RPnfU8Apc9HrmLM6PgOYZqBdnM8KIY07IxnvYbDhAyuXNuBnkuU7K5Wk&sig=Cg0ArKJSzCEyR_wQzbXFEAE&adurl=
Frame ID: 74D881CEDF398A69495DBB5A8BA1C7B7
Requests: 9 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&t_d=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&t_t=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&s_o=default
Frame ID: 24220ADE45E0993B1A30AC46A69ED615
Requests: 1 HTTP requests in this frame

Frame: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Frame ID: A3735ADB6CEF3D1453837ED7046EA657
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 5E5BB8EB31334C1E4B216A445039B34F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 966471B6DFB90369AC0F120538605F92
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q2... Page URL
https://contact.alsid.com/events/public/v1/track/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9L... HTTP 307
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%2... Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

AddThis (Widgets) Expand

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

247
Requests

96 %
HTTPS

49 %
IPv6

36
Domains

56
Subdomains

40
IPs

8
Countries

10919 kB
Transfer

17884 kB
Size

0
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.govinfosecurity.com/
Title: GovInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.com/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: https://www.devicesecurity.io/
Title: DeviceSecurity

Search URL Search Domain Scan URL

URL: https://www.fraudtoday.io/
Title: FraudToday

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/
Title: PaymentSecurity

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/
Title: Asia

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://covid19.inforisktoday.com/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/mobile-wallets-emerging-fraud-w-1074

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/mobile-payments-byod-vulnerabilities-threats-remedies-w-852

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/emerging-payment-channels-technologies-infrastructures-ensuring-robust-w-826

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/visa-on-future-payment-card-security-w-746

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/rise-cryptocurrency-malware-w-1780

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bankinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/BnkInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-security-media-group-corp-ismg/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-chicago-il-2020/?rf=trending
Title: Virtual Cybersecurity & Fraud Summit Chicago - Oct. 13

Search URL Search Domain Scan URL

URL: https://www.twitter.com/euroinfosec
Title: euroinfosec

Search URL Search Domain Scan URL

URL: https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate
Title: Coveware says

Search URL Search Domain Scan URL

URL: https://www.nomoreransom.org/
Title: No More Ransom

Search URL Search Domain Scan URL

URL: https://www.kpn.com/security-blogs/Tracking-REvil.htm
Title: KPN's security team

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/ryuk-ransomware-uses-wake-on-lan-to-encrypt-offline-devices/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://twitter.com/VK_Intel/status/1216351931020476417
Title: Vitali Kremez

Search URL Search Domain Scan URL

URL: https://twitter.com/euroinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/cybersec_feeds
Title: cybersec_feeds

Search URL Search Domain Scan URL

URL: http://twitter.com/jamesvgingerich
Title: @jamesvgingerich

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23CyberSecurity
Title: #CyberSecurity

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313999483454320640
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23COVID
Title: #COVID

Search URL Search Domain Scan URL

URL: https://t.co/oUHtur7KvP
Title: https://t.co/oUHtur7KvP

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313995251456057345
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/Hypori_VM
Title: @Hypori_VM

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313995124720967681
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/Seceon_Inc
Title: Seceon_Inc

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23aiSIEM
Title: #aiSIEM

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23aiXDR
Title: #aiXDR

Search URL Search Domain Scan URL

URL: https://t.co/tIg8cSHelc
Title: https://t.co/tIg8cSHelc

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313994409432805379
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/DataBreachToday
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23phishing
Title: #phishing

Search URL Search Domain Scan URL

URL: https://t.co/zlsV6kWVjN
Title: https://t.co/zlsV6kWVjN

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313994013532250112
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/mss-risk-controls-analyst-svp-citi-new-york-ny-new-york-i-1900449
Title: MSS Risk & Controls Analyst (SVP) - Citi - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/operational-risk-management-governance-vp-bank-china-new-york-ny-new-york-i-1902350
Title: Operational Risk Management Governance VP - Bank of China - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-information-security-officer-ciso-new-york-city-nyc-housing-i-1892601
Title: Chief Information Security Officer (CISO) - New York City NYC HOUSING AUTHORITY - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-information-security-officer-ciso-director-freeport-mcmoran-phoenix-i-1894031
Title: Chief Information Security Officer (CISO) - Director IT - Freeport McMoRan - Phoenix, AZ

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/vp-digital-product-risk-compliance-peoples-united-bank-bridgeport-ct-i-1899607
Title: VP, Digital Product Risk and Compliance - People's United Bank - Bridgeport, CT

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-i-4777
Title:

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.asia/interviews/5-key-features-ransomware-mitigation-i-4767
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-are-darknet-markets-here-to-stay-i-4769
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/panel-discussion-securing-digital-payments-i-4778
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-chinese-database-exposure-cause-for-concern-i-4768
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/digital-identity-gaining-momentum-i-4776
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/achieving-scalable-ddos-protection-managed-services-i-4770
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-mcafees-planned-ipo-i-4775
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/compliance-2-new-health-data-regs-avoiding-pitfalls-i-4772
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/how-virtual-cards-could-mitigate-merchant-fraud-risk-i-4771
Title:

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1 Page URL
https://contact.alsid.com/events/public/v1/track/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1?_ud=8a454838-03bf-4bd3-92f8-0c184ff11cdb&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%20Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602120504342%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%252Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%253Futm_campaign%253DEvent%2BPromotions%2526utm_medium%253Demail%2526_hsmi%253D96683910%2526_hsenc%253Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%2526utm_content%253D96683910%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true

Request Chain 222

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613665788828844043&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665788828844043&redir=

Request Chain 223

https://idsync.rlcdn.com/395886.gif?partner_uid=3613665788828844043 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzY2NTc4ODgyODg0NDA0MxAAGg0Iudb5-wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=1d594d98e1de5140842fe9eb1a9a746a91d2d70135a0a675ce9198a53f670fe9f4cb09cee1a4f8eb&person_id=3613665788828844043&eid=50082

Request Chain 224

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6ade344b-abdd-4e2a-bab5-0901459c943b HTTP 302
https://ml314.com/csync.ashx?fp=6ade344b-abdd-4e2a-bab5-0901459c943b&person_id=3613665788828844043&eid=53819

Request Chain 225

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665788828844043 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665788828844043 HTTP 302
https://ml314.com/csync.ashx?fp=ff5af12fdc3c1a6fbb46a75a5b763f17&eid=50146&person_id=3613665788828844043

Request Chain 226

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

Request Chain 236

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7

247 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T... Show response
contact.alsid.com/e2t/tc/ 9 KB
3 KB 64ms
46ms Document
text/html 2606:4700::6811:83b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5b342fef792e0966f734e1aaf8ca27f9411bb3b11cdf0d0c42daccc83359ee

Request headers

:method: GET
:authority: contact.alsid.com
:scheme: https
:path: /e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 01:28:21 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d743e6dacfebf58c8ffb975b4c431842c1602120501; expires=Sat, 07-Nov-20 01:28:21 GMT; path=/; domain=.contact.alsid.com; HttpOnly; SameSite=Lax __cfruid=49e450de24da6774a3aa2462cbb5cc8a8ab65e8b-1602120501; path=/; domain=.contact.alsid.com; HttpOnly; Secure; SameSite=None
cf-ray: 5dec15ae48b396da-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 05a76be0eb000096da6f08e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request

Cookie set ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654 Show response
www.bankinfosecurity.com/
Redirect Chain

https://contact.alsid.com/events/public/v1/track/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg...
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6...

377 KB
56 KB

656ms
247ms

Document
text/html

50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Requested by

Host: contact.alsid.com
URL: https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a7a4bbb8d67be3c9f040e20e99ab132b9af6f99971d112f74751aa3347d15807

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: www.bankinfosecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=hggm85vjh7062skj2lepf8fjtt; expires=Thu, 08-Oct-2020 05:28:22 GMT; Max-Age=14400; path=/ _advert=false; expires=Fri, 09-Oct-2020 01:28:22 GMT; Max-Age=86400; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

status: 307
date: Thu, 08 Oct 2020 01:28:21 GMT
location: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
cf-ray: 5dec15ae98c596da-FRA
link: <https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 05a76be123000096da6f091200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H/1.1 200
OK jquery-ui.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 25 KB
5 KB 343ms
131ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/jquery-ui.min.css?s=1602120502.2031

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.bankinfosecurity.com/css-responsive/vendor/ 11 KB
3 KB 394ms
130ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/mediaelementplayer-updated.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 22ms
17ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 23:55:26 GMT
server: ESF
date: Thu, 08 Oct 2020 01:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 01:28:22 GMT

GET
H/1.1 200
OK main.css
www.bankinfosecurity.com/css-responsive/ 231 KB
42 KB 404ms
139ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/main.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43006

GET
H/1.1 200
OK prettyPhoto.css
www.bankinfosecurity.com/css-responsive/ 21 KB
3 KB 403ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/prettyPhoto.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 8 KB
2 KB 403ms
134ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.desktop.r2.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 9 KB
2 KB 404ms
134ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.mobile.r2.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 22 KB
5 KB 474ms
131ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 91 KB
33 KB 528ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33094

GET
H/1.1 404
Not Found modernizr.js
www.bankinfosecurity.com/javascripts-responsive/vendor/ 0
0 577ms
173ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 35 KB
9 KB 540ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/bootstrap.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 21 KB
7 KB 538ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 154 KB
38 KB 612ms
139ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38476

GET
H/1.1 200
OK tinymce.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 295 KB
101 KB 664ms
140ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/tinymce.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 673ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 676ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.placeholder.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 222 KB
60 KB 762ms
142ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery-ui.min.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 9 KB
3 KB 775ms
130ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/crypt_des.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 77ms
31ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 08 Oct 2020 01:28:23 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H/1.1 200
OK headerlogo-bis.png
www.bankinfosecurity.com/images-responsive/logos/ 2 KB
2 KB 132ms
131ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logos/headerlogo-bis.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1682

GET
H/1.1 200
OK dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 344 KB
344 KB 127ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 07 Oct 2020 20:49:43 GMT
X-Trans-Id: txd540292ad05e41dcadfc0-005f7e2ee2dfw1
ETag: a0ef8abce71b7e37743b0ed4c6be2c3f
Content-Type: image/jpeg
X-Timestamp: 1602103782.12570
Cache-Control: public, max-age=70930
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 352306
Expires: Thu, 08 Oct 2020 21:10:33 GMT

GET
H/1.1 200
OK microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 97 KB
97 KB 122ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 07 Oct 2020 14:38:27 GMT
X-Trans-Id: tx4e068d5e2968491e90060-005f7dd6b1dfw1
ETag: 00dd6468a532309ebbc74ef2445f7f84
Content-Type: image/jpeg
X-Timestamp: 1602081506.06658
Cache-Control: public, max-age=48369
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98818
Expires: Thu, 08 Oct 2020 14:54:32 GMT

GET
H/1.1 200
OK heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 189 KB
189 KB 119ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 07 Oct 2020 02:59:39 GMT
X-Trans-Id: txa9ca44f75fca4338be81f-005f7dbdb9dfw1
ETag: f4908da9f07a230faa0e9b869ba6837f
Content-Type: image/jpeg
X-Timestamp: 1602039578.87072
Cache-Control: public, max-age=41918
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193390
Expires: Thu, 08 Oct 2020 13:07:01 GMT

GET
H/1.1 200
OK fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 175 KB
176 KB 142ms
37ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 07 Oct 2020 14:50:10 GMT
X-Trans-Id: tx55dcce0ffc7d470a9ef75-005f7dd9c2dfw1
ETag: 704189cfe73c7b6ffdec234718868073
Content-Type: image/jpeg
X-Timestamp: 1602082209.21098
Cache-Control: public, max-age=49209
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179403
Expires: Thu, 08 Oct 2020 15:08:32 GMT

GET
H/1.1 200
OK digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 88 KB
88 KB 99ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 05 Oct 2020 15:12:46 GMT
X-Trans-Id: txec3838cfa08841c88059f-005f7b3ec1dfw1
ETag: 00579821632cf1bfdf0b03665711cb2e
Content-Type: image/jpeg
X-Timestamp: 1601910765.81193
Cache-Control: public, max-age=35281
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89699
Expires: Thu, 08 Oct 2020 11:16:24 GMT

GET
H/1.1 200
OK analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 87 KB
88 KB 120ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 01 Oct 2020 15:39:32 GMT
X-Trans-Id: tx4cb54743ed364137b88bb-005f76e74fdfw1
ETag: 7cd51ce6ee5fc8a8bbf6eadf038faeb6
Content-Type: image/jpeg
X-Timestamp: 1601566771.40359
Cache-Control: public, max-age=66861
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89482
Expires: Thu, 08 Oct 2020 20:02:44 GMT

GET
H/1.1 200
OK how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 135 KB
136 KB 95ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 28 Sep 2020 11:16:49 GMT
X-Trans-Id: tx4299325e6d00429bae3b3-005f71f268dfw1
ETag: 59f4054e0f5eb557f35b43cb5c23f4da
Content-Type: image/jpeg
X-Timestamp: 1601291808.41505
Cache-Control: public, max-age=53949
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138381
Expires: Thu, 08 Oct 2020 16:27:32 GMT

GET
H/1.1 200
OK analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 99 KB
100 KB 110ms
43ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 24 Sep 2020 14:18:01 GMT
X-Trans-Id: tx6c2e1bd66ee84fc2a4f11-005f6dac41dfw1
ETag: 592cc1e056bf2756a05fc2435de1299f
Content-Type: image/jpeg
X-Timestamp: 1600957080.59637
Cache-Control: public, max-age=15471
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101694
Expires: Thu, 08 Oct 2020 05:46:14 GMT

GET
H/1.1 200
OK unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 103 KB
103 KB 192ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 02 Oct 2020 11:11:46 GMT
X-Trans-Id: txc05dbe2228044459b26f3-005f771a53dfw1
ETag: 6c6d226a2a0bd02eae6be7e2cd05f386
Content-Type: image/jpeg
X-Timestamp: 1601637105.84973
Cache-Control: public, max-age=77083
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105083
Expires: Thu, 08 Oct 2020 22:53:06 GMT

GET
H/1.1 200
OK does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 55 KB
56 KB 79ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 02 Oct 2020 14:51:51 GMT
X-Trans-Id: tx16d664eb5f2645bcb5f59-005f775d9adfw1
ETag: 0d6fe6ace891e98b18cd3ba3267e5631
Content-Type: image/jpeg
X-Timestamp: 1601650310.06619
Cache-Control: public, max-age=16031
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56676
Expires: Thu, 08 Oct 2020 05:55:34 GMT

GET
H/1.1 200
OK how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 181 KB
181 KB 81ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 25 Sep 2020 04:52:20 GMT
X-Trans-Id: txa105213ee56e48318e384-005f6ded52dfw1
ETag: c8071ae690780e25ca16788b46bbde47
Content-Type: image/jpeg
X-Timestamp: 1601009539.15592
Cache-Control: public, max-age=28398
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185039
Expires: Thu, 08 Oct 2020 09:21:41 GMT

GET
H/1.1 200
OK encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 74 KB
74 KB 78ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 25 Sep 2020 16:08:35 GMT
X-Trans-Id: tx8645d44c958041ef8f940-005f6e270bdfw1
ETag: ef6771654872051b61ce2794882f9976
Content-Type: image/jpeg
X-Timestamp: 1601050114.94117
Cache-Control: public, max-age=44178
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75593
Expires: Thu, 08 Oct 2020 13:44:41 GMT

GET
H/1.1 200
OK cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 38 KB
38 KB 22ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 06 Oct 2020 15:23:04 GMT
X-Trans-Id: tx4624e795a6fa42b38e744-005f7c9364dfw1
ETag: 3ac8b61fde3be4592d73fc8ce7929735
Content-Type: image/jpeg
X-Timestamp: 1601997783.65425
Cache-Control: public, max-age=43379
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38442
Expires: Thu, 08 Oct 2020 13:31:22 GMT

GET
H/1.1 200
OK avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 51 KB
51 KB 23ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 05 Oct 2020 14:49:06 GMT
X-Trans-Id: tx9f23da55c0864438a4fcd-005f7b419adfw1
ETag: fe41b41b1c77837430fc206978f50697
Content-Type: image/jpeg
X-Timestamp: 1601909345.39296
Cache-Control: public, max-age=35523
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51734
Expires: Thu, 08 Oct 2020 11:20:26 GMT

GET
H/1.1 200
OK dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 33 KB
33 KB 25ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 02 Oct 2020 13:01:34 GMT
X-Trans-Id: tx074114e89e3045b1be6b3-005f77276bdfw1
ETag: 78f770757e95ad18a7c6246cc7cee5e4
Content-Type: image/jpeg
X-Timestamp: 1601643693.99462
Cache-Control: public, max-age=80191
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33488
Expires: Thu, 08 Oct 2020 23:44:54 GMT

GET
H/1.1 200
OK profiles-in-leadership-nancy-hunter-ciso-fed-reserve-bank-philadelphia-showcase_image-5-a-15088.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 43 KB
43 KB 24ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/profiles-in-leadership-nancy-hunter-ciso-fed-reserve-bank-philadelphia-showcase_image-5-a-15088.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e23cd6ec036d05a916661b49f4ecd66267741eaca34726213635cad53239c067

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 30 Sep 2020 15:42:56 GMT
X-Trans-Id: tx4868b54aa09246239ed56-005f75d685dfw1
ETag: 857e3426a350df3e6d60a797cadcab5d
Content-Type: image/jpeg
X-Timestamp: 1601480575.48111
Cache-Control: public, max-age=1343
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43898
Expires: Thu, 08 Oct 2020 01:50:46 GMT

GET
H/1.1 200
OK fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 57 KB
58 KB 175ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 29 Sep 2020 14:28:12 GMT
X-Trans-Id: tx44c78b95e3d149b6ae456-005f744fbadfw1
ETag: 6db56c2037c4d40328a6084ed205a66a
Content-Type: image/jpeg
X-Timestamp: 1601389691.56456
Cache-Control: public, max-age=56862
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58644
Expires: Thu, 08 Oct 2020 17:16:05 GMT

GET
H/1.1 200
OK back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 112 KB
112 KB 159ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 30 Sep 2020 13:37:10 GMT
X-Trans-Id: tx883a8d1e202d4806aea9d-005f7d02efdfw1
ETag: 57694973ce45731e953ef93488770732
Content-Type: image/jpeg
X-Timestamp: 1601473029.49827
Cache-Control: public, max-age=74206
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114203
Expires: Thu, 08 Oct 2020 22:05:09 GMT

GET
H/1.1 200
OK live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 125 KB
126 KB 168ms
47ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 24 Sep 2020 20:19:32 GMT
X-Trans-Id: txf00ab0d9998f4bd190dce-005f6e785ddfw1
ETag: 873842addf99847a641636711296a739
Content-Type: image/jpeg
X-Timestamp: 1600978771.61231
Cache-Control: public, max-age=69011
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128115
Expires: Thu, 08 Oct 2020 20:38:34 GMT

GET
H/1.1 200
OK executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 23 KB
24 KB 152ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 24 Sep 2020 19:25:08 GMT
X-Trans-Id: tx8888c67c9b614a1b820c4-005f75269fdfw1
ETag: 392ee5887a6d92c55ef3e14c0fa4fa7f
Content-Type: image/jpeg
X-Timestamp: 1600975507.73404
Cache-Control: public, max-age=28373
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23754
Expires: Thu, 08 Oct 2020 09:21:16 GMT

GET
H/1.1 200
OK live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 80 KB
80 KB 148ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 24 Aug 2020 12:25:36 GMT
X-Trans-Id: tx1ecf6b6c891c48338f890-005f6af5a1dfw1
ETag: bc70b8f6afe433af2befe92c856f3e09
Content-Type: image/jpeg
X-Timestamp: 1598271935.40072
Cache-Control: public, max-age=19961
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81837
Expires: Thu, 08 Oct 2020 07:01:04 GMT

GET
H/1.1 200
OK live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 104 KB
104 KB 148ms
45ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 17 Sep 2020 17:25:13 GMT
X-Trans-Id: txfe43ba8eaa8546c799358-005f72efbcdfw1
ETag: f81c100c46830e943d5bdce9cf266a20
Content-Type: image/jpeg
X-Timestamp: 1600363512.81401
Cache-Control: public, max-age=56012
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106360
Expires: Thu, 08 Oct 2020 17:01:55 GMT

GET
H/1.1 200
OK live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 121 KB
122 KB 30ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 04 Aug 2020 22:45:43 GMT
X-Trans-Id: txdee9c04dd7ce485594f2e-005f41dba8dfw1
ETag: ab27bc89d9e9c2a2ce3051ed9bd4e68d
Content-Type: image/jpeg
X-Timestamp: 1596581142.67433
Cache-Control: public, max-age=50494
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124345
Expires: Thu, 08 Oct 2020 15:29:57 GMT

GET
H/1.1 200
OK live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 88 KB
88 KB 23ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 22 Sep 2020 01:39:35 GMT
X-Trans-Id: txd05e496bb9cc4a81bfaec-005f69595fdfw1
ETag: c61938ef5ee4ed6af124b4d21f871623
Content-Type: image/jpeg
X-Timestamp: 1600738774.69500
Cache-Control: public, max-age=50714
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90130
Expires: Thu, 08 Oct 2020 15:33:37 GMT

GET
H/1.1 200
OK stanley-f-orszula-largeImage-6-a-1656.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 34 KB
35 KB 210ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/stanley-f-orszula-largeImage-6-a-1656.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ac70c25427ee4c5d8aab662e578c8a41238bed58fabf9a5e007f40ce2f18332

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 01 Jul 2016 16:24:59 GMT
X-Trans-Id: tx7fe53b8b229d4bb4aac8e-005f6aae47dfw1
ETag: a0188d6f0807bd81d248e5a558af21a9
Content-Type: image/jpeg
X-Timestamp: 1467390298.27380
Cache-Control: public, max-age=19347
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35299
Expires: Thu, 08 Oct 2020 06:50:50 GMT

GET
H/1.1 200
OK mathieu-krogstad-largeImage-1-a-1364.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 26 KB
26 KB 252ms
120ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/mathieu-krogstad-largeImage-1-a-1364.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 977ad6f0040516963fa6ffe06a02895625f91a75f548524f164f69a9c9c33f05

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 19 Aug 2015 15:51:10 GMT
X-Trans-Id: tx8228082eef834892b8b67-005f550782dfw1
ETag: 2167a4c85d3a319d584f430a73cfd0f9
Content-Type: image/jpeg
X-Timestamp: 1439999469.45869
Cache-Control: public, max-age=32656
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26515
Expires: Thu, 08 Oct 2020 10:32:39 GMT

GET
H/1.1 200
OK david-houlding-largeImage-4-a-686.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 75 KB
76 KB 176ms
46ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/david-houlding-largeImage-4-a-686.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5f40c4ade80ce99185995716977cf6f3d461815e79ec2a4279e605a63fc2047

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 17 Apr 2019 20:21:31 GMT
X-Trans-Id: txcce3faf7cef541a3b086d-005f53c7c2dfw1
ETag: 3568dd7c97fa25b0b862e54ac9efb275
Content-Type: image/jpeg
X-Timestamp: 1555532490.39515
Cache-Control: public, max-age=12177
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77242
Expires: Thu, 08 Oct 2020 04:51:20 GMT

GET
H/1.1 200
OK gord-jamieson-largeImage-4-a-1316.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 83 KB
83 KB 86ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/gord-jamieson-largeImage-4-a-1316.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb20e5580f80d3c0b7774df6da9c8b577407a05ee76a4433bd0e095d31fba59

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 08 Aug 2018 20:13:44 GMT
X-Trans-Id: tx7600d7ce4be94d3d89999-005f42178cdfw1
ETag: 21a8597cc4a71ea93c35be0551c4f562
Content-Type: image/jpeg
X-Timestamp: 1533759223.85617
Cache-Control: public, max-age=10740
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84658
Expires: Thu, 08 Oct 2020 04:27:23 GMT

GET
H/1.1 200
OK next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 250 KB
251 KB 30ms
25ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 07 Oct 2020 14:22:16 GMT
X-Trans-Id: tx6be1af0721b6479780d76-005f7dd2badfw1
ETag: 11fcdef1366458916aa167457a312dac
Content-Type: image/jpeg
X-Timestamp: 1602080535.19059
Cache-Control: public, max-age=47465
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256268
Expires: Thu, 08 Oct 2020 14:39:28 GMT

GET
H/1.1 200
OK new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 200 KB
200 KB 56ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 05 Oct 2020 14:46:16 GMT
X-Trans-Id: tx2000d2e2f11647ef843d7-005f7b41d0dfw1
ETag: 8d43d4e38fec939207e83d3246def199
Content-Type: image/jpeg
X-Timestamp: 1601909175.13124
Cache-Control: public, max-age=38851
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204323
Expires: Thu, 08 Oct 2020 12:15:54 GMT

GET
H/1.1 200
OK establishing-operational-resilience-to-achieve-customer-excellence-logo-4-w-6506.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 100 KB
100 KB 72ms
42ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/establishing-operational-resilience-to-achieve-customer-excellence-logo-4-w-6506.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fec84428e2f011dcfcafc98d11e591d983959534aa6e668f56f4ef00854af79

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 04 Aug 2020 12:39:55 GMT
X-Trans-Id: txd449ef58637d47148f6cb-005f7b59cbdfw1
ETag: 18d619d9b647b0960a10a1757854d465
Content-Type: image/jpeg
X-Timestamp: 1596544794.98560
Cache-Control: public, max-age=41477
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102051
Expires: Thu, 08 Oct 2020 12:59:40 GMT

GET
H/1.1 200
OK new-email-security-imperative-pdf-7-w-6890.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 150 KB
150 KB 63ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-email-security-imperative-pdf-7-w-6890.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 02 Oct 2020 14:13:08 GMT
X-Trans-Id: tx2812e5002eaa4ffaaeb26-005f7736e1dfw1
ETag: 49c9f521b740371311f9dde51bbef8a7
Content-Type: image/jpeg
X-Timestamp: 1601647987.05571
Cache-Control: public, max-age=9337
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153448
Expires: Thu, 08 Oct 2020 04:04:00 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 107ms
38ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
X-Trans-Id: tx57bd17ac0a254c3396bf0-005e7bcc8bdfw1
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=35508
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366322
Expires: Thu, 08 Oct 2020 11:20:11 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 103ms
37ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
X-Trans-Id: txcde842eefbe546ceacdd9-005e7bd903dfw1
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=65543
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78320
Expires: Thu, 08 Oct 2020 19:40:46 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 85ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
X-Trans-Id: tx9499045f7e1143bd938db-005e7c2408dfw1
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=15733
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202154
Expires: Thu, 08 Oct 2020 05:50:36 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 80ms
37ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
X-Trans-Id: tx03a5dd64dd8e478e92d2c-005e7b806adfw1
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=14228
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89481
Expires: Thu, 08 Oct 2020 05:25:31 GMT

GET
H/1.1 200
OK securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 83 KB
84 KB 169ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 16 Sep 2020 20:37:30 GMT
X-Trans-Id: tx83544987d6c84c70b8c20-005f627afddfw1
ETag: 5694412cdb081e33be6760fae149e796
Content-Type: image/jpeg
X-Timestamp: 1600288649.09953
Cache-Control: public, max-age=76097
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85143
Expires: Thu, 08 Oct 2020 22:36:40 GMT

GET
H/1.1 200
OK securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 78 KB
78 KB 167ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 19 Jun 2020 20:27:30 GMT
X-Trans-Id: txb1d9408d6ae9401089f55-005f60328ddfw1
ETag: 277c051b9980d6d67e9279ed59b4b968
Content-Type: image/jpeg
X-Timestamp: 1592598449.94175
Cache-Control: public, max-age=12567
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79854
Expires: Thu, 08 Oct 2020 04:57:50 GMT

GET
H/1.1 200
OK managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 87 KB
87 KB 208ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 24 Apr 2020 20:49:35 GMT
X-Trans-Id: tx5400218f950646a2861fe-005ea3519bdfw1
ETag: 798bc33a31e70aade019309a9fa16e27
Content-Type: image/jpeg
X-Timestamp: 1587761374.72132
Cache-Control: public, max-age=80160
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88866
Expires: Thu, 08 Oct 2020 23:44:23 GMT

GET
H/1.1 200
OK taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 95 KB
95 KB 206ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 23 Mar 2020 21:52:35 GMT
X-Trans-Id: tx76e0c19f15dc45bb8201e-005e7bbf0fdfw1
ETag: 4af1e925902f765709fbac19d76f9149
Content-Type: image/jpeg
X-Timestamp: 1585000354.21724
Cache-Control: public, max-age=71288
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97383
Expires: Thu, 08 Oct 2020 21:16:31 GMT

GET
H/1.1 200
OK empty_menu_image.png
www.bankinfosecurity.com/images/navigation/generic/ 5 KB
4 KB 133ms
132ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images/navigation/generic/empty_menu_image.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3692

GET
H/1.1 200
OK mobile-wallets-emerging-fraud-showcase_image-4-w-1074.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 118 KB
118 KB 34ms
34ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/mobile-wallets-emerging-fraud-showcase_image-4-w-1074.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d93f11b9b3c1c2e17e0ccfc61fbec9d56bc19b43afed81580b28da4abf41c3c4

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 19 Sep 2016 20:36:51 GMT
X-Trans-Id: tx14e5a65d389b44329a673-005f7e63dfdfw1
ETag: da0163bba6214f6d9ed7fb0975214ab0
Content-Type: image/jpeg
X-Timestamp: 1474317410.44319
Cache-Control: public, max-age=84521
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120490
Expires: Fri, 09 Oct 2020 00:57:04 GMT

GET
H/1.1 200
OK mobile-payments-byod-vulnerabilities-threats-remedies-showcase_image-7-w-852.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 112 KB
112 KB 24ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/mobile-payments-byod-vulnerabilities-threats-remedies-showcase_image-7-w-852.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f58cd7e45b2163d52f7c4f5ec1ff75b21a8e58a7b646da8236bccd95d16f65b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 13 Nov 2015 20:20:11 GMT
X-Trans-Id: txad84fd285d564a2287e8c-005f7e63dcdfw1
ETag: 983828b1e3052ca242c2ffd9cdd86fde
Content-Type: image/jpeg
X-Timestamp: 1447446010.91861
Cache-Control: public, max-age=84467
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114670
Expires: Fri, 09 Oct 2020 00:56:10 GMT

GET
H/1.1 200
OK emerging-payment-channels-technologies-infrastructures-ensuring-robust-fraud-defense-showcase_image-6-w-826.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 116 KB
117 KB 27ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/emerging-payment-channels-technologies-infrastructures-ensuring-robust-fraud-defense-showcase_image-6-w-826.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e77aff24d02c37edcbeb68b5e565a43367436a996f37b8d8df26c8fa6a368805

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 13 Nov 2015 19:20:59 GMT
X-Trans-Id: tx7b98f7eb1f334045bf371-005f7e63e1dfw1
ETag: 23d39bb8f7e0d44f16a2b634a7602c56
Content-Type: image/jpeg
X-Timestamp: 1447442458.49416
Cache-Control: public, max-age=84522
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119147
Expires: Fri, 09 Oct 2020 00:57:05 GMT

GET
H/1.1 200
OK keynote-visa-on-future-payment-card-security-showcase_image-5-w-746.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 77 KB
77 KB 23ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/keynote-visa-on-future-payment-card-security-showcase_image-5-w-746.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0403c515c5536112b5861d54cac246d18459deda44b39a5a2c5df9de61fb1d31

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 09 Nov 2015 14:43:41 GMT
X-Trans-Id: tx39b8a31f4efc4533bfb27-005f7e63e0dfw1
ETag: db00f2fc521f258ca3dab2dbb8b99322
Content-Type: image/jpeg
X-Timestamp: 1447080220.52955
Cache-Control: public, max-age=84474
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78955
Expires: Fri, 09 Oct 2020 00:56:17 GMT

GET
H/1.1 200
OK rise-cryptocurrency-malware-showcase_image-4-w-1780.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 84 KB
85 KB 23ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/rise-cryptocurrency-malware-showcase_image-4-w-1780.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3bd0b92cc518315c75682e4d5224b205a2342a9ef0211f691b75e7ea53ca03a9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 25 Sep 2018 20:39:54 GMT
X-Trans-Id: tx7e20dd72f60b4c07bbb37-005f7e63e0dfw1
ETag: 40c48c259901d3289a778f087769429f
Content-Type: image/jpeg
X-Timestamp: 1537907993.11758
Cache-Control: public, max-age=84481
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86308
Expires: Fri, 09 Oct 2020 00:56:24 GMT

GET
H/1.1 200
OK todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 69 KB
70 KB 25ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 11 Mar 2020 18:40:32 GMT
X-Trans-Id: tx5c81c38e56f7462b919be-005eb74326dfw1
ETag: b710debdf96f2b48a22aa4a8f63dc7d4
Content-Type: image/jpeg
X-Timestamp: 1583952031.64606
Cache-Control: public, max-age=70091
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70886
Expires: Thu, 08 Oct 2020 20:56:34 GMT

GET
H/1.1 200
OK achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 54 KB
55 KB 32ms
32ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 04 Mar 2020 21:51:00 GMT
X-Trans-Id: txc0c0c8197a784faaa7884-005eb36507dfw1
ETag: 3cd4bf863b88b9c29a24cef0ad690ce1
Content-Type: image/jpeg
X-Timestamp: 1583358659.31089
Cache-Control: public, max-age=79587
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55733
Expires: Thu, 08 Oct 2020 23:34:50 GMT

GET
H/1.1 200
OK tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 59 KB
59 KB 26ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 05 Mar 2020 16:04:36 GMT
X-Trans-Id: txf9cf37298d7146e8b9716-005e7d0a94dfw1
ETag: f159c9867556eec8a5360d3493db29ad
Content-Type: image/jpeg
X-Timestamp: 1583424275.63523
Cache-Control: public, max-age=15798
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60191
Expires: Thu, 08 Oct 2020 05:51:41 GMT

GET
H/1.1 200
OK best-rsa-conference-2020-showcase_image-1-a-14011.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 100 KB
101 KB 32ms
31ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-rsa-conference-2020-showcase_image-1-a-14011.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 25 Mar 2020 19:33:42 GMT
X-Trans-Id: txd90fa594fdea49c9953bf-005e7bbf13dfw1
ETag: 5509cbbd99ddd348f3533b4b8f6a0da9
Content-Type: image/jpeg
X-Timestamp: 1585164821.83821
Cache-Control: public, max-age=70234
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102596
Expires: Thu, 08 Oct 2020 20:58:57 GMT

GET
H/1.1 200
OK infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 38ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 05 Jul 2019 20:13:34 GMT
X-Trans-Id: tx9495434447024618b4cf5-005e7d08d4dfw1
ETag: f9dab7917669551bb50361c2dcd43aa7
Content-Type: image/jpeg
X-Timestamp: 1562357613.59432
Cache-Control: public, max-age=65621
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91187
Expires: Thu, 08 Oct 2020 19:42:04 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 28ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
X-Trans-Id: tx7a65bc80513a430684935-005e7bcc8bdfw1
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=66762
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61807
Expires: Thu, 08 Oct 2020 20:01:05 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 24ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
X-Trans-Id: txe7bd16e3f9f540aab4c37-005e7d0eabdfw1
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=81560
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63007
Expires: Fri, 09 Oct 2020 00:07:43 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 48ms
34ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
X-Trans-Id: tx45de8b22a2fc4b4c95bf9-005ef90048dfw1
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=83472
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54026
Expires: Fri, 09 Oct 2020 00:39:35 GMT

GET
H/1.1 200
OK ryuk-sodinokibi-surge-as-ransom-payments-double-showcase_image-5-a-13654.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 82 KB
83 KB 35ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ryuk-sodinokibi-surge-as-ransom-payments-double-showcase_image-5-a-13654.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0f87842d5f5ddd7b3c1f2ced30c670e494e075769cd798c1c81bd92831121ac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 28 Jan 2020 11:46:35 GMT
X-Trans-Id: txf9b03645b3384456a7f6c-005f7dacc0dfw1
ETag: 9bf46cbbb1d4474d6f7dceb208c6d2f0
Content-Type: image/jpeg
X-Timestamp: 1580211994.06479
Cache-Control: public, max-age=37696
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84321
Expires: Thu, 08 Oct 2020 11:56:39 GMT

GET
H/1.1 200
OK avg-ransom-amount-q42019-coveware.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 26 KB
26 KB 323ms
189ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/avg-ransom-amount-q42019-coveware.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 498fca4d26545e4c880c6274f52fa51fe3969ab1e00adb93b8bb0758ae0bb6f7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 28 Jan 2020 11:35:18 GMT
X-Trans-Id: txd4510fee87fe4e1699b57-005f7e6b37dfw1
ETag: 14b937a957a05902613ba4bc0afc24c6
Content-Type: image/jpeg
X-Timestamp: 1580211317.54831
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26463
Expires: Sun, 11 Oct 2020 01:28:23 GMT

GET
H/1.1 200
OK ransomware-market-share-q42019-coveware.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 37 KB
38 KB 176ms
176ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ransomware-market-share-q42019-coveware.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52b6282ec22c7e5d1e7053d40b0bf220227931f84ee7a2504cbe29f63581e25a

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Tue, 28 Jan 2020 11:34:53 GMT
X-Trans-Id: tx07e25674543b4201ab921-005f7e6b38dfw1
ETag: 1db39fffa4f5644acd2cba9a572c0a01
Content-Type: image/jpeg
X-Timestamp: 1580211292.57408
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38368
Expires: Sun, 11 Oct 2020 01:28:24 GMT

GET
H/1.1 200
OK revil-kpn-peaks.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 63 KB
63 KB 346ms
173ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/revil-kpn-peaks.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d12f6cf7edbff2f3c822ab34097959439742be46dbef07aa645929594ec1f58c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Tue, 28 Jan 2020 11:32:11 GMT
X-Trans-Id: txe1f16918d9a84bcdbc06c-005f7e6b38dfw1
ETag: e8c007080f0521873f9fe8ef6063f861
Content-Type: image/jpeg
X-Timestamp: 1580211130.42928
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64623
Expires: Sun, 11 Oct 2020 01:28:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 28ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40B5)
Age: 251
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H/1.1 200
OK mathew-j-schwartz-largeImage-4-a-892.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 63 KB
63 KB 28ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/mathew-j-schwartz-largeImage-4-a-892.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 11 Mar 2019 20:31:08 GMT
X-Trans-Id: tx1c2c51fef0714cdcbdd48-005ef09796dfw1
ETag: 0a4204e2649185daf7ea39a3c953e722
Content-Type: image/jpeg
X-Timestamp: 1552336267.88871
Cache-Control: public, max-age=63049
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64095
Expires: Thu, 08 Oct 2020 18:59:12 GMT

GET
H/1.1 200
OK industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 29 KB
30 KB 132ms
131ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 25 Aug 2020 12:40:00 GMT
X-Trans-Id: txc72bc6bdc708479680033-005f481fa2dfw1
ETag: c269a684807714f19e2378971edcbe7e
Content-Type: image/jpeg
X-Timestamp: 1598359199.65461
Cache-Control: public, max-age=26537
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29916
Expires: Thu, 08 Oct 2020 08:50:40 GMT

GET
H/1.1 200
OK guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 45 KB
45 KB 55ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 19 Aug 2020 21:11:06 GMT
X-Trans-Id: tx40a5b7c7bd44495c8692d-005f76c0b2dfw1
ETag: 679114384528324ea2227d657b04a2f6
Content-Type: image/jpeg
X-Timestamp: 1597871465.70176
Cache-Control: public, max-age=8675
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46081
Expires: Thu, 08 Oct 2020 03:52:58 GMT

GET
H/1.1 200
OK ransomware-recovery-in-new-normal-pdf-7-w-6241.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 369 KB
369 KB 26ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ransomware-recovery-in-new-normal-pdf-7-w-6241.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c09cf4b6a8d7250fd79637fba66286b2b6f61582a5ae71894e1506d302e6cd38

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 21 May 2020 18:40:10 GMT
X-Trans-Id: tx76f6d2d54b9644d4b3868-005f533c7fdfw1
ETag: 15617d2764aa8956bc75c4a7eafeb149
Content-Type: image/jpeg
X-Timestamp: 1590086409.95341
Cache-Control: public, max-age=17953
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 377372
Expires: Thu, 08 Oct 2020 06:27:36 GMT

GET
H/1.1 200
OK state-otics-cybersecurity-survey-logo-4-w-6534.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 29 KB
29 KB 27ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/state-otics-cybersecurity-survey-logo-4-w-6534.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 055097971005ebe69e878dcac676ffd374023b00105fe44f9eacab592125d26d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 10 Aug 2020 09:45:50 GMT
X-Trans-Id: txcc71028e443f4465b16f6-005f52f01bdfw1
ETag: 1c69c303a7e4b9bf0ab55f80af0426dc
Content-Type: image/jpeg
X-Timestamp: 1597052749.11449
Cache-Control: public, max-age=36381
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29645
Expires: Thu, 08 Oct 2020 11:34:44 GMT

GET
H/1.1 200
OK state-personal-cybersecurity-privacy-2020-pdf-7-w-6851.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 243 KB
243 KB 38ms
38ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/state-personal-cybersecurity-privacy-2020-pdf-7-w-6851.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c1fd1157140962871adabb2c4dcae806e3acadb8cd672a995c9a1675e963562b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 25 Sep 2020 17:28:28 GMT
X-Trans-Id: tx2c40a55e06ad462ba2462-005f75351cdfw1
ETag: 7ab330f3efa0782d665ce87903fab035
Content-Type: image/jpeg
X-Timestamp: 1601054907.25478
Cache-Control: public, max-age=46905
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248731
Expires: Thu, 08 Oct 2020 14:30:09 GMT

GET
H/1.1 200
OK asd-essential-eight-approach-to-proactively-managing-your-agencys-security-posture-logo-1-w-6350.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 174 KB
174 KB 36ms
36ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/asd-essential-eight-approach-to-proactively-managing-your-agencys-security-posture-logo-1-w-6350.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80b3a7b8fa2f7513527e5cd22e7674136d237c8382debb79fd57acd70896ea6c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Sun, 21 Jun 2020 16:15:36 GMT
X-Trans-Id: txdb44eee666754990871e8-005f574062dfw1
ETag: 8d375b2e25a7baa2c3c2eee40f436b75
Content-Type: image/png
X-Timestamp: 1592756135.20364
Cache-Control: public, max-age=76962
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177687
Expires: Thu, 08 Oct 2020 22:51:06 GMT

GET
H/1.1 200
OK axcess-financial-customer-story-pdf-1-w-6453.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 270 KB
271 KB 35ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/axcess-financial-customer-story-pdf-1-w-6453.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6fbbe23fd5c7169008f0344223770976f0284da565346d05f27c5d962c536d57

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 24 Jul 2020 01:36:17 GMT
X-Trans-Id: txc636808794044e9f9d663-005f74c237dfw1
ETag: 97e37a5cbc8fe1a7ca1684b557f55501
Content-Type: image/jpeg
X-Timestamp: 1595554576.40463
Cache-Control: public, max-age=29330
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 276960
Expires: Thu, 08 Oct 2020 09:37:14 GMT

GET
H/1.1 200
OK rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 32 KB
33 KB 176ms
41ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 10 Aug 2020 12:58:15 GMT
X-Trans-Id: tx02ba270de942432e85a4b-005f4edf34dfw1
ETag: 98a6f32ee722ef9ef6e7a49b0ce67b33
Content-Type: image/jpeg
X-Timestamp: 1597064294.97123
Cache-Control: public, max-age=34086
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33013
Expires: Thu, 08 Oct 2020 10:56:29 GMT

GET
H/1.1 200
OK 451-research-report-tackling-visibility-gap-in-information-security-pdf-9-w-5102.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 181 KB
181 KB 175ms
40ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/451-research-report-tackling-visibility-gap-in-information-security-pdf-9-w-5102.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b7d6d0424c30819e0b26d96c8b56b8e4676ac5d653068ff62bb98eca8996ffd

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Fri, 14 Aug 2020 20:30:13 GMT
X-Trans-Id: txbae680cc2c884c908c16a-005f38117adfw1
ETag: faf10b0b40cdbc10bf0ed7bf7c752319
Content-Type: image/jpeg
X-Timestamp: 1597437012.05391
Cache-Control: public, max-age=26005
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184889
Expires: Thu, 08 Oct 2020 08:41:48 GMT

GET
H/1.1 200
OK rapid-digitization-risk-roundtable-preview-showcase_image-1-a-14725.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 61 KB
61 KB 32ms
31ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/rapid-digitization-risk-roundtable-preview-showcase_image-1-a-14725.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f59c27c1725a063adf2ea814ff0a1e3425e732c4cb7ad0baea3ddae5b721085

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Wed, 29 Jul 2020 17:20:40 GMT
X-Trans-Id: tx6ecfcbc22d62497d9bbea-005f490852dfw1
ETag: 85d55ca01a21d4d2d091e03f7a5d3ab2
Content-Type: image/jpeg
X-Timestamp: 1596043239.95461
Cache-Control: public, max-age=64245
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62481
Expires: Thu, 08 Oct 2020 19:19:08 GMT

GET
H/1.1 200
OK new-reality-bring-order-to-chaos-unified-endpoint-security-logo-2-w-6342.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 166 KB
167 KB 190ms
55ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-reality-bring-order-to-chaos-unified-endpoint-security-logo-2-w-6342.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ff6fc40d92ba4d4853b2b4eda1bad70484a85cceb9bb371d6430b0445d2d944

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Thu, 18 Jun 2020 16:01:10 GMT
X-Trans-Id: tx4fe27ac4c57a4d94968a5-005f5ff700dfw1
ETag: 2b31ae1ab9464cbf882731d63268a1ed
Content-Type: image/png
X-Timestamp: 1592496069.04168
Cache-Control: public, max-age=10087
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170387
Expires: Thu, 08 Oct 2020 04:16:30 GMT

GET
H/1.1 200
OK beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 134 KB
135 KB 24ms
24ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Mon, 13 Apr 2020 19:01:01 GMT
X-Trans-Id: tx595f49a055e64e2cb6ed9-005f0fe524dfw1
ETag: 80a930491aade24aa861bf009e0dd85a
Content-Type: image/jpeg
X-Timestamp: 1586804460.99060
Cache-Control: public, max-age=38830
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137417
Expires: Thu, 08 Oct 2020 12:15:33 GMT

GET
H/1.1 200
OK ert-showcase_image-5-a-15125.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
63 KB 24ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ert-showcase_image-5-a-15125.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bca57519350180478d4a8bda6c1e2d99ceec3257e484459055119da25d71aa5

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Tue, 06 Oct 2020 19:37:52 GMT
X-Trans-Id: tx1924ada5cbda477ea75ef-005f7cd64edfw1
ETag: 9ad1a1b9e52bc4e96666660e92dd9825
Content-Type: image/jpeg
X-Timestamp: 1602013071.71729
Cache-Control: public, max-age=60607
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63859
Expires: Thu, 08 Oct 2020 18:18:31 GMT

GET
H/1.1 200
OK roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 131 KB
132 KB 26ms
25ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Mon, 05 Oct 2020 18:19:55 GMT
X-Trans-Id: tx1c8376642e7249e49717a-005f7b69c8dfw1
ETag: 00160d41cbbd683047975053cfcc78cc
Content-Type: image/jpeg
X-Timestamp: 1601921994.53295
Cache-Control: public, max-age=45535
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134628
Expires: Thu, 08 Oct 2020 14:07:19 GMT

GET
H/1.1 200
OK 5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 76 KB
76 KB 24ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 18 Sep 2020 08:00:26 GMT
X-Trans-Id: tx81632da14c8142909d3ab-005f72ebc0dfw1
ETag: d73e28c00d8ff31e68a27bcb41903a80
Content-Type: image/jpeg
X-Timestamp: 1600416025.41696
Cache-Control: public, max-age=44360
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77659
Expires: Thu, 08 Oct 2020 13:47:44 GMT

GET
H/1.1 200
OK panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 328 KB
328 KB 28ms
27ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Wed, 07 Oct 2020 11:26:31 GMT
X-Trans-Id: tx827ca893101c490aae6a5-005f7dc707dfw1
ETag: 949de5ffb26d1e0b307c9a374d046f9f
Content-Type: image/jpeg
X-Timestamp: 1602069990.05317
Cache-Control: public, max-age=44421
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335758
Expires: Thu, 08 Oct 2020 13:48:45 GMT

GET
H/1.1 200
OK analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 54 KB
55 KB 23ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Thu, 17 Sep 2020 15:11:01 GMT
X-Trans-Id: tx7722126afc924b38a6d2a-005f646b56dfw1
ETag: c9365fa2f3a8c737bd4c97ae7f7872d1
Content-Type: image/jpeg
X-Timestamp: 1600355460.96051
Cache-Control: public, max-age=27243
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55503
Expires: Thu, 08 Oct 2020 09:02:27 GMT

GET
H/1.1 200
OK achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 296 KB
297 KB 37ms
22ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Mon, 28 Sep 2020 08:58:11 GMT
X-Trans-Id: tx3c070c00be6441da8fc0f-005f71ad44dfw1
ETag: 967ff914ef682251f7437acfc991b08e
Content-Type: image/jpeg
X-Timestamp: 1601283490.34956
Cache-Control: public, max-age=32540
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303372
Expires: Thu, 08 Oct 2020 10:30:44 GMT

GET
H/1.1 200
OK compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 47 KB
48 KB 42ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Mon, 28 Sep 2020 19:18:45 GMT
X-Trans-Id: txa446a80ec8cb4c3ea60c8-005f7374efdfw1
ETag: 0d18f38785da0e60ede6f0c5e3a3b7dc
Content-Type: image/jpeg
X-Timestamp: 1601320724.58804
Cache-Control: public, max-age=73601
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48378
Expires: Thu, 08 Oct 2020 21:55:05 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.bankinfosecurity.com/images-responsive/ 4 KB
4 KB 131ms
130ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-with-text.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.bankinfosecurity.com/images-responsive/ 5 KB
6 KB 131ms
131ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-print.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5598

GET
H/1.1 200
OK ondemand-preview-w-255.jpg
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 56 KB
57 KB 732ms
562ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 05 Jul 2013 12:55:26 GMT
X-Trans-Id: txe22ae920bff14db88289c-005f7e6b38dfw1
ETag: 7aece0902995efedc289b7c24037434b
Content-Type: image/jpeg
X-Timestamp: 1373028925.94439
Cache-Control: public, max-age=825
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57633
Expires: Thu, 08 Oct 2020 01:42:09 GMT

GET
H/1.1 200
OK ron-ross-smallImage-a-558.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 10 KB
11 KB 23ms
23ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 01 Nov 2013 13:09:25 GMT
X-Trans-Id: tx171b8f70f76f44bbb4333-005eb36507dfw1
ETag: fac8c56390d084c4f1dfaa9b24a58c33
Content-Type: image/jpeg
X-Timestamp: 1383311364.81114
Cache-Control: public, max-age=84483
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10640
Expires: Fri, 09 Oct 2020 00:56:27 GMT

GET
H/1.1 404
Not Found modernizr.js
www.bankinfosecurity.com/javascripts-responsive/vendor/ 0
0 195ms
176ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK ismg-user-ip Show response
worker.ismgcorp.com/ 14 B
408 B 594ms
144ms XHR
text/html 104.130.251.6
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.ismgcorp.com/ismg-user-ip
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120502.2031
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.130.251.6 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 34

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2d056273fc351e8e5a737598ed3183123f0e3eb949e79892d5fba36394b804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "656 / 94 of 1000 / last-modified: 1602108813"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17592
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 73ms
26ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120502.2031
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 545 KB
44 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bb5458a327e2c07911e9c3a33615af83428c2682fab4abc0a691154440801be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45193
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 00:20:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 66 KB
26 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8C2JFW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f52831041e56692711b8cef37ed2b9efd1e7a57244700662956ba76ee75e37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26821
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 00:20:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 111907
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H/1.1 200
OK main.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 41 KB
10 KB 133ms
132ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/main.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9721

GET
H/1.1 200
OK media-transcript-navigation.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 26 KB
7 KB 131ms
131ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/media-transcript-navigation.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 6519

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 1 KB
839 B 134ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.r1.js?s=1602120502.2031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 455

GET
H/1.1 200
OK jquery.browser.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 2 KB
1 KB 133ms
133ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/jquery.browser.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1022

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 24 KB
7 KB 207ms
132ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/jquery.prettyPhoto.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6459

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:26:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 111712
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:26:31 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 111932
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:51 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.bankinfosecurity.com/css-responsive/fonts/ 43 KB
44 KB 130ms
130ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120502.2031

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120502.2031
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:23 GMT
Last-Modified: Tue, 06 Oct 2020 18:59:03 GMT
Server: Apache
ETag: "ad90-5b1053146a730"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 44432

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:28:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 111620
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:28:03 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 111960
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:23 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 1350ms
23ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41522
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 0
0

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 69 KB
23 KB 592ms
294ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e1e054a920ed9c95bdcf34bccbc0861a8d847cd0b67374472971666c31646f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22861

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 765
date: Thu, 08 Oct 2020 01:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 08 Oct 2020 03:15:39 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 1392ms
34ms Script
application/javascript 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?892020
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2020 06:53:05 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=19479
Connection: keep-alive
Content-Length: 11933
Expires: Thu, 08 Oct 2020 06:53:05 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 965 B
761 B 62ms
18ms Script
application/x-javascript 2a02:26f0:2b00:7b2::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2b00:7b2::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=22376
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 livechat.ashx Show response
chatserver.comm100.com/ 990 B
933 B 1412ms
121ms Script
application/x-javascript 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5dec15c6fac79d06-AMS
content-length: 515
cf-request-id: 05a76bf05900009d06d1bf9200000001

GET
H/1.1 200
OK 2682.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0021/ 309 B
820 B 103ms
22ms Script
application/x-javascript 13.224.186.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?445033
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.208 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-208.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 18:23:53 GMT
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 03 Mar 2020 19:14:28 GMT
Server: AmazonS3
Age: 1667071
ETag: "53b0291ca3900aca920ad48e9790c1b7"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 309
X-Amz-Cf-Id: uldzF8U_IQCW9WQEJ7bBxv3DeuJjbRguStAGtuN_Rb-4nIwMFDgFUQ==

GET
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 6 KB
2 KB 155ms
155ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=twitterWidget
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120502.2031
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: bf3b919c876674e37869a3b13b80331adeaab41c7bd1b748e62129ffa4dcacf0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/ 166 B
358 B 40ms
38ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=43, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154
x-akamai-path-stats: [1:5867:4294962429]

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 154ms
152ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f7e6b3726abf2d0&bkl=0&bl=1&pdt=845&sid=5f7e6b3726abf2d0&pub=ra-4fd21f2b39b17192&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bankinfosecurity.com&fp=ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=cybersecurity%2Cinformation%20security%2CCoveware%2CKPN%2Cransomware%2CPhobos%2CREvil%2CSodinokibi%2CRyuk%2C&colc=1602120503661&jsl=1&uvs=5f7e6b376d0e9f31000&skipb=1&callback=addthis.cbs.jsonp__484086662055032150
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4295a82589cbed7f7871b30bc190ecbb6d985b3c30a5e63ebf891b3b1a88955

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 08 Oct 2020 01:28:24 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4F84 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2BDB 0
0 25ms
25ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 08 Oct 2020 01:28:23 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 3 MB
0 527ms
359ms Media
video/mp4 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: tx33ca1088b5394e578f0fa-005f36b0c8dfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 0-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=876
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10621770
Expires: Thu, 08 Oct 2020 01:43:00 GMT

GET
H2 200 2682.js Show response
script.crazyegg.com/pages/scripts/0021/ 3 KB
2 KB 26ms
11ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0021/2682.js
Requested by: Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?445033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b76b0645873cc7483c348bf007931e8a0dc7a66b9edee5df59d3c286f5bc3c9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.118
age: 203261
cf-polished: origSize=3447
status: 200
cf-request-id: 05a76beb9e000005b78409a200000001
last-modified: Mon, 05 Oct 2020 17:00:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5dec15bf6e4c05b7-FRA
cf-bgj: minify

GET
H2 200 vhasETOF_normal.jpg
pbs.twimg.com/profile_images/1131855016766124032/ 2 KB
2 KB 57ms
23ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1131855016766124032/vhasETOF_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: MISS
status: 200
content-length: 1731
x-response-time: 17
last-modified: Fri, 24 May 2019 09:28:39 GMT
server: tsa_a
date: Thu, 08 Oct 2020 01:28:24 GMT
x-tw-cdn: ak
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 653ffbf52b8b55f6b5c526e9120ff3bd

GET
H2 200 b1rQHaWp_normal.jpg
pbs.twimg.com/profile_images/990976939602202626/ 2 KB
2 KB 47ms
32ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/990976939602202626/b1rQHaWp_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

aa6bb99958c99668c815297194ee751e59e73141765c5a41e4d113313bc0fb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: MISS
status: 200
content-length: 1959
x-response-time: 18
last-modified: Mon, 30 Apr 2018 15:29:28 GMT
server: tsa_a
date: Thu, 08 Oct 2020 01:28:24 GMT
x-tw-cdn: ak
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2b43b15fb757f86f270e8f87ebebb111

GET
H2 200 o8O3Kf9M_normal.png
pbs.twimg.com/profile_images/484336518631149569/ 2 KB
2 KB 115ms
114ms Image
image/png 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/484336518631149569/o8O3Kf9M_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

8e60fab2e2b9c19d242fec6e050287e77a856131745637ba776d3e6a3412023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: MISS
status: 200
content-length: 2035
x-response-time: 24
last-modified: Wed, 02 Jul 2014 14:01:19 GMT
server: tsa_a
date: Thu, 08 Oct 2020 01:28:24 GMT
x-tw-cdn: ak
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8683ae2b9e57b7bdf302317d5ea03f8d

POST
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 5 B
388 B 156ms
155ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=notificationCookies&action=getNotifications
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120502.2031
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 1F82 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.bankinfosecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 102554
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Oct 2020 01:28:24 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js Show response
platform.twitter.com/js/ 6 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/4188)
Age: 102554
Etag: "15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2195

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 45ms
20ms XHR
text/plain 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1370158934&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=671617895&gjid=114321151&cid=1019838014.1602120504&tid=UA-212197-2&_gid=1174877849.1602120504&_r=1&_slc=1&z=1641315901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
134 B 36ms
14ms XHR
text/plain 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1370158934&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=691627336&gjid=1459276234&cid=1019838014.1602120504&tid=UA-212197-36&_gid=1174877849.1602120504&_r=1&_slc=1&z=543277587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
392 B 21ms
13ms Image
image/gif 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1370158934&t=event&_s=2&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAEABAAAAAC~&jid=&gjid=&cid=1019838014.1602120504&tid=UA-212197-2&_gid=1174877849.1602120504&z=1494089883

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 21:09:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15510
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2020100201.js Show response
securepubads.g.doubleclick.net/gpt/ 271 KB
96 KB 82ms
30ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1436c906c0691c6d7e77c015f3f454e1c3df917404c2b96171d5e7e899aa3c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Oct 2020 19:05:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97303
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 25ms
25ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 16 Jan 2021 01:28:24 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 32ms
15ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35512
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
93 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-212197-36&cid=1019838014.1602120504&jid=691627336&gjid=1459276234&_gid=1174877849.1602120504&_u=IEDAAEABAAAAAC~&z=2083891207

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Oct 2020 01:28:24 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame 9ABA 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1216351931020476417&lang=en&origin=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40FC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 555
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Oct 2020 01:28:24 GMT
Etag: "0b6e58b878f91c8b7b88de08db9c18e6"
Last-Modified: Tue, 06 Oct 2020 20:03:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FC)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 577

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 824ms
171ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602120504310&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1602120504309-37676&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchRu=%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_campaign%3DEvent%20Promotions__-__utm_medium%3Demail__-___hsmi%3D96683910__-___hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw__-__utm_content%3D96683910__-__utm_source%3Dhs_email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: b87e23a5-8f24-4f6b-b421-8bf89df729bd

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 990ms
165ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602120504311&_mchRu=%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26amp%3Butm_medium%3Demail%26amp%3B_hsmi%3D96683910%26amp%3B_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26amp%3Butm_content%3D96683910%26amp%3Butm_source%3Dhs_email&_mchQp=cat%3D416%26cat%3D417%26cat%3D472%26cat%3D462%26cat%3D506%26cat%3D409%26cat%3D93%26cat%3D40%26cat%3D431%26cat%3D421%26cat%3D427%26cat%3D560%26cat%3D467%26cat%3D428%26cat%3D399%26cat%3D444%26cat%3D476%26assetID%3D13654%26assetType%3Darticle%26key%3Dcybersecurity%26key%3Dinformation%20security%26key%3Dcoveware%26key%3Dkpn%26key%3Dransomware%26key%3Dphobos%26key%3Drevil%26key%3Dsodinokibi%26key%3Dryuk%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1602120504309-37676&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchRe=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 45d4c188-639b-416d-b2f5-eb54ecbefa4f

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602120504342%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent...

0
81 B

113ms
112ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: 4urzZRzgOxZgXxkbTisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: MDo0XxzgOxYwX5PPXSsAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: 3E772E2E3E6344F78451BEF31026A993 Ref B: FRAEDGE1311 Ref C: 2020-10-08T01:28:24Z
x-frame-options: sameorigin
date: Thu, 08 Oct 2020 01:28:24 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120504342&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
246 B 14ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 223 KB
24 KB 171ms
138ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1285731632229516&correlator=4349796449806815&output=ldjh&impl=fifs&eid=21067701%2C21067390%2C21067633&vrg=2020100201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201008&iu_parts=4444691%2CBIS_TOP_728x90%2CBIS_MID_RB_300x250%2CBIS_MID_RB_2_300x250%2CBIS_MID_RB_3_300x250%2CBIS_MID_RB_300x600%2CBIS_MID_L_180x150%2CBIS_MID_R_180x150%2CBIS_MID2_L_180x150%2CBIS_MID2_R_180x150%2CBIS_TEXT_1%2CBIS_TEXT_2%2CBIS_BOTTOM_728x90%2CBIS_MID_728x90%2CBIS_Interstitial%2CBIS_TOP_320x50%2CBIS_BOTTOM_320x50%2CBIS_MID_320x50%2CBIS_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C417%252C472%252C462%252C506%252C409%252C93%252C40%252C431%252C421%252C427%252C560%252C467%252C428%252C399%252C444%252C476%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1602120504&dt=1602120504431&dlt=1602120502368&idt=2041&frm=20&biw=1600&bih=1200&oid=3&adxs=615%2C1025%2C1025%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C587%2C4285%2C-9%2C2189%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C7586%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=606436291%2C592806581%2C4037182823%2C700692632%2C585369811%2C2214922354%2C1142555781%2C3687202745%2C1536889060%2C1397140349%2C824892936%2C1158310571%2C1554130010%2C3082656849%2C1657167512%2C3519266287%2C3120678580%2C3463778582&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&dssz=76&icsg=52776541529087&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x7222&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1570x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x64&ga_vid=1019838014.1602120504&ga_sid=1602120504&ga_hid=1370158934&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C644%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6c1a21feb1114f6d296c5c99d1aa98537ce87157c91c1e09552544bf1e79b11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23109
x-xss-protection: 0
google-lineitem-id: 5488910567,5488910567,5488910567,5488910567,5488910567,-2,-2,-2,-2,-2,-2,5488910567,5488910567,5496550240,-2,-2,-2,5488910567
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324635928,138324803771,138324818846,138325040833,138325038508,-2,-2,-2,-2,-2,-2,138324636126,138324636345,138325569944,-2,-2,-2,138325244371
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 57ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4366 0
0 35ms
35ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZShKwTgM0wq6M_QrblJlmrHfEPlDbQfi6Htf_aMTtQirofbn6aj8ZUydTeJjvdh6qdKHu9gO89sWkpOVljNo6iSsxvR0GHtXwEpEHO9Arkc9ZZiHcgf6zol8siXn2VPiCRZKi3EN9IedFIsNAVHw_N0Bmq8ogJZVXCeFhXq_Gp1WQhCSMl_VHGYqnU7W192Ph5Nu_f5ixgvIsP2_WQKqhw34x9ctdTY8-gwHQDl-jQcNDUG983Pkbnybzh_qGqsNTjQuOnfb9fRH4xs7r7Q&sai=AMfl-YSUeOyht9Olo7Dn_WxV3meuabEtKc6vW5YknRUYQEsnCE8Umq0hU6Ph6P9Blw0b8z3K3y0GCrjlfj5vE6p-B0O-8n3tPdiqqcTRC79AXorzx83775sxE6seU4_QCNw&sig=Cg0ArKJSzCmyzUiT9OQiEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 4366 18 KB
7 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 4366 3 KB
1 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4366 74 KB
28 KB 41ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 200 7614917863318880450
tpc.googlesyndication.com/simgad/ Frame 4366 90 KB
90 KB 33ms
17ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7614917863318880450

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2dafcf75177e09b7505be612ceec9add31f1b0ebf8c8f196d38d73ef2172f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245110
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92246
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8384 0
0 36ms
36ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqn_P-3mQOJJ8gWDE61On5kYd3D1gl70h3QuPhp9p98l4lwXv-YXh6S3K4jJzx6t4vEp6y3FRwF3VFhzKK4xSAToncgpbte2tHrsXvtkLBPP3bquw7XbkIWxVIFQXiS-Gpo8GfOiOlUVnvUCeuWKpPRPvUVzfTU3KM3ThaiDHx5NkiK1UEp8gJbGDNuFPXnVy_Xz99jdblK_39I9uZgupVbSs5_mB2__AuQ9M694VMcaI7XZszO4KI8GjP5XrsrFTjWiUAYI7q_WAuD1BspUTjM2FP&sai=AMfl-YTje3uT_o5V9zwEni9-6w3EDbMCvDjY9_32uolZXODPrkAMsCMwArE4LKoCbHUiYeBtAWK9FT0eZgbgqcKimPllN7GzcnEv27gO61PJxilrD3RbwJcEM_UK9jFmpYM&sig=Cg0ArKJSzKNMnvMYSND7EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 8384 18 KB
7 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 8384 3 KB
2 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8384 74 KB
28 KB 39ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8384 0
0 14ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQABf6pghTayD4v4GWOCXnT3cM47wT7foZIGl2-29FBWrDZ5bHyddJtySZIKL9orEIULQom
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7405453216672365340
tpc.googlesyndication.com/simgad/ Frame 8384 115 KB
116 KB 30ms
18ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7405453216672365340

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c423887010b3cbe0875fb78bf1e60e551106805075dd38b3150d8ecc4c20fbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245110
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118256
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 17:30:42 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 33ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 15ms
13ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=bankinfosecurity.com&host=www.bankinfosecurity.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56A8 0
0 46ms
32ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttx1LrfpBdYQbTZfxzfnbkqBZ0eiEtDPHD5Vv287M6FdWcHJuQmpcoKMdzt7A8FfA_8xmL1r8bmFmHpEEMsHc5t5omwRJTSAUmshdG7lLPxv4Z8MawLzZYDJJws17TY5M_vTYkZXunDAKs20HivDz38khSiZ7fDnxqWFBsRWYAUWKX7CXvd1Xgo4POzZhe-rbhKSKCffZmRBHfF4U8OodaVzE0FyLePDSr2U4pdAQCfTIu3cfDjrxqY0dvnjKjOst3XfNAEpoRAhK3wT_BPky-GWhIEf8&sai=AMfl-YSr7xRXhMynKzqocW3ziKBGNvel_ky6znYLFGtFHBITXs0V0phuW03AHbMMTn14Vt_I_pV7kS0_Y192bxHpjtuzy2XG79HW2J8y1dnvOhOudAlP2zVBGfT8m0gJ8Tg&sig=Cg0ArKJSzBO5EevM7mFKEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 56A8 18 KB
7 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 56A8 3 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56A8 74 KB
28 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 56A8 0
0 55ms
20ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3Qni-_DOzw3r3JX8cIzPJGle8suMfXi9Cj1eyTe8puLy8rQ5ScQJ2zuZeH2NSlYZRnhDE
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 15546947360494861944
tpc.googlesyndication.com/simgad/ Frame 56A8 125 KB
125 KB 27ms
9ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15546947360494861944

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b876145950a32bf33e85c949aaf29db47402fbffd0f3a969e45fa83b58ac9c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245110
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127690
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:38:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 621C 0
0 45ms
33ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnBV_bbW-7C2tvbf8oi0djNFDKwU3mXxu4pD2_oT49X5pbKtzG3VIKLHdFk4CArR7cOxIqpmlMDZjY2RwTPUNG4fBTNzQFXNmPqbPkpi8qWmqpAeAHE8PeI5vRDeEFigr4ZEa9ZLpYs1dz6amwPZnDlhhdyHSHkg927SvboTotfbJYUC5hPIK6Hk16Evvt0tVDfzBWPDXOBmNxg3Wiez6uIVr3Le2UcEb-UVGC76mtMn6XF-QaPLIiOPTEsjpWD1P9F9v2OSni2MoYLSSE-NMtm7tk&sai=AMfl-YSogSXb8CeTj3l0EufaGtKNB20R9kYdsNEjfGFRBwBbVaeMOsmn6NwPGxhtjdHfMsdpWlr1qepUBxN0ALI9JIrmc6NvF8fH5v8QNx6aHEZRVoQxa5iovbbEayaLdOg&sig=Cg0ArKJSzFZu5GvUef6cEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 621C 18 KB
7 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 621C 3 KB
1 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 621C 74 KB
28 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 621C 0
0 52ms
22ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTZOxZevAAGxvj5coCCSCHceTLMrusb6zg8JlZJCI_TEW0z6CdhBwV_eqlKVSdsDscxdBf
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16931159853215764700
tpc.googlesyndication.com/simgad/ Frame 621C 61 KB
61 KB 25ms
12ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16931159853215764700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c94fa29d3b37f82784d105b9589ab49df1abfc4bd944c1439ed948dd702c7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 12:37:31 GMT
x-content-type-options: nosniff
age: 219053
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62268
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 12:37:31 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A52C 0
0 39ms
32ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9YvwahtyVu0ZLKPxP2IB7DEzMufc3eh0uu7ar4We7SXFDP3T4oOMEki_4dRr2Rfu2BswesQi9hrqohzriM2C4sXV9qibXsWNdPK1Qzdtr0d9rlyvw-4DyTG4zRJxNQU7MJiPZmgGn0i-iFKCIdLouTRJd7u87PmcPoP9CsKzzzFKCAw-VaDp1fZFmQAg6-lJNfrqDcL4o2vaFadqyTzGPWniWlUoUcHz5CBZXAI1JwyTNpwYknmm77MJZcwkA5xx35-Ilr9EDut8JLm-23muFeDQ&sai=AMfl-YT10hnEwCoQNNxGZFa_l9Pc5a3dssne9VG8Z_Rao2zGW8RoHUu9Xoh23M3V6nvT8gstnp4EDUvDe-O3Tql-AWV-s0H5VlDROFUdKyFIO17dtmDsTb1ZIvh_WEUwXPY&sig=Cg0ArKJSzJmJkLMUTgDgEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7614917863318880450
tpc.googlesyndication.com/simgad/ Frame A52C 90 KB
90 KB 15ms
9ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7614917863318880450

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2dafcf75177e09b7505be612ceec9add31f1b0ebf8c8f196d38d73ef2172f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245110
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92246
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame A52C 18 KB
7 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame A52C 3 KB
1 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A52C 74 KB
28 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A52C 0
0 70ms
45ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd5gLVArvFQtrhAuDzEwbUNv0B8h8dJdkj73X9olsr412EjsFQTNUgduWGqOzsh7Izmhf1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 818F 0
0 37ms
32ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyLKKstUiKa4F07LDlTLdJu6GLjZkKEGiarKmCv9wdXmyayOl4aWn_g-sg09J1BKndNj4aD-pk7Mm9_o2ag8Id9SeKtishxNdaYi23x7CdBNa3y1qGXprKTUrUFvc4xOv-S5z4b7W0BUAe-X3msN6agfxx_BHtQzy3v1hQJFJtChXbAU0YkbaZP0L5mbcfjs0XR468Pwxt8E9fzJFER3b_47M5KSz9nrGGVuUVajxFJijsUk_yVkp8oTJcNywbt4UOd11cBvPoh_ZHtaNX_UQQKw&sai=AMfl-YRqADEuxUHp8qe-K6wgYWarI522bBCF6R77kJkhHVhT5rrlrBtme_eCLFT7xK8A0o6uvi12XQy2mxpQHAdeoX7LLLZxtuqES4n4AzysW12S_MOqhp7-PR44MjEJwn8&sig=Cg0ArKJSzCZcCY33_qkWEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 818F 18 KB
7 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 818F 3 KB
1 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 818F 74 KB
28 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 818F 0
0 66ms
45ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLE_Dsq8QJKCnkvoSmCUsfDVIUmseClpbngGxrthaNTGOr1uxkWXcQSsnl8ZaJ9AkxTWNo
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 18364637846577120327
tpc.googlesyndication.com/simgad/ Frame 818F 73 KB
73 KB 22ms
12ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18364637846577120327

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 11:08:49 GMT
x-content-type-options: nosniff
age: 137975
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75103
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:24:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 11:08:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74D8 0
0 64ms
56ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudrztzVgg9JPNrplczh9PQZdVB37X43JW78aJrTejvokzOjRU_RvMDjhw-KTv1sNefk5XNP074fm0cxlqweWThbgfauiXSIttqrkTW1MjFYebhajoQ5O9mj9ZBBBEA_i-wUjriAIVQnKPhCXHQ_knAXBfGMEX76KxlIfatHs7BLfw2vRGlNsmGPJ9XoixmlO1kOeImdDfTnxtWL5ab6Dv4WNOqyA3LXuelWv7gN-DkvRabgpxYUD8mlcboagW93H1Rb8kDoH8HFNCQNU8&sai=AMfl-YRgNy4izD62fi1jZWeCM7EIwPS5ADANF3Gv1BhPmM9HCCy0WXj-ZIVIaJhBdkJsQj2upW5RPnfU8Apc9HrmLM6PgOYZqBdnM8KIY07IxnvYbDhAyuXNuBnkuU7K5Wk&sig=Cg0ArKJSzCEyR_wQzbXFEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 74D8 18 KB
7 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 74D8 3 KB
1 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74D8 74 KB
28 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 74D8 0
0 37ms
21ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUm3u0CFQLRyodwfDZXjzHpU81BD7bkS265YZZpBYAicXq6h7Hz0CLEa8-qiO-n1HY20C-
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8328986240128410704
tpc.googlesyndication.com/simgad/ Frame 74D8 7 KB
7 KB 19ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8328986240128410704

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf700ba5224dd4f3d1267daa6665215dcccc63b68589ea33b7349899561a686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245110
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7066
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 19:06:42 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8384 0
21 B 40ms
40ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRBZnuv7TsjhQ3Tw9EEdHjZ6cbVn-60QeoXwgap6-uq2K9v1jgal78hD9dkfpjbSA2st312xMj1jwiy4e23DHyJFobv8fokO9xYtaqCtR16c5ZOltdNPPNbC6RUEzQvTN-W1JSacPiokfyZi9QL6dNBev5KaSb47dG4PDAp_dgSr14vWOpP9y9cHRmsMeQJQ5OdDgi6Rk5xy-O8FBVSCERNpD7mhjg6krW7wKz6K12GbBz9rk2A96J_LdnfOnxlR6_3tRSEtKTSl6MXevVaOOWMPZJTug&sai=AMfl-YQS-zmr5mTEQNKX6z6faiaZ8LfbXC7MZZ9Ph0dTw5tGApqHUgOu318_pUJmcIuo5jAFUAXUvKy5DI8YlYgqXTwNQzJaMWg79qsRYL6J5MGYbtwnwIMb1P4zd2Tc6BY&sig=Cg0ArKJSzHzVVPSmLKEIEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8384 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac2ac2084346826fbb41f65bad30bac38ae3a51e240399e5f653e5307fe46d18

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4366 0
21 B 39ms
37ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrvpOn630hg3RroDJgtADpF08xaYgEukegFMlVxPnJWeZ1eWefnvsWR5c0eGKR1EtFE9QGSbkK1Z7LK6-vnfFN6mWrnYWDBc7ZrCVr_DVlfGC5tpedrlRAIzWs0Z2CISzNEZMEsDGaQAFKrHu3cDPiCAedtGN_8UnGWXRWQSUJCDh5p5nEhb0FV0cwxT-WFGRT1TLCORKrjCfiBLoe6qQDR4B-PCRC_NHopLj8R2kkPUDhdQkG-5SF-xBH-rzIzuOlSVkAsKebm4w5Jgwdbnpctw&sai=AMfl-YRHKmwTg1e2KA6Uv-ra_Ya7SJRcv9_of7Kpehi_P0zVnjRhEjAwSSdFeujoj_wNLlRTdGh5ak1uhfETiW4A-efNlbPk98lJQW39ucewhSUHNgcI116YqFbuEKTL31s&sig=Cg0ArKJSzMqdmkjjLalgEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4366 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94e40663a83143c2010ea693d43dc3bade38bc2d1b2e52b838a86b1e5ef6c324

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56A8 0
21 B 65ms
65ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv70Dd2fkq_fO_DUhX9aKctmUZJsW17UXQeMkUi3lR338svqmlGBp7tTdh1LjeYtFMlTACOGZIEQiBqVhPyNqmVudq_7TXujOOW2WLSmjnRrDv0t1eI_fJE0En3TBIU29wLSQp0pUyHfCk7pNFsvTrA3Dq2mUCsCVEyq4TYHRKArFk-9WdXG-Y1hdwiT6d-pP07EBASLzjtD_WmPRLvhLqjvQaV0A5Pt5a_LviLN25bd2jvBtYF4voZnANZOMSVWt59STtFzcqz-68AJf1EedQyQl73a1m-w&sai=AMfl-YQrFUuRUG-JWlf5DIWPcEacPW5YMTRh9r2gBygh2yC3ZeMMc3ctbKNx-SzauP1BABzQQHwKBHB6YoTF3sXNjs1HmEHCqs_MpktXFQs_6vGwJxxVnLq5JwlcfMgUOak&sig=Cg0ArKJSzNYQO5vlARYcEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 56A8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98325235dc6cd150b94dff11d7715e0db78f9c32f5371151aa1c519cadc27f7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A52C 0
21 B 40ms
39ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswEDoy0qH4_rh2M0oWdtAQw1VHDAJvbnjVU_DJIFzXzroVmT0TK3d_9wm28dOnG_v551PzSMQ97nZrXvwbVE4WaCWToz37Sae87w9rpgAvKfz_3GaxspBWlEyVTKZ3QHI4HOoZpNeAQ7ychcQQLKM9fTl1BHUZCKoDhHKdl7tCA-XWUQhDiy--sLv-eV_b8TqwXGozQCceBzPM9xAcTV03uL5OvPv52PeWFLJDZyA0wyasvkt8dDaLtT85GYot1I70hkpnDVf_0m02HGe_k5flErQtYg&sai=AMfl-YRk79mNi8gR7xAF9mKb79NSCvaNzCwSpqxhOhyWX-_X8ZhljQg7QEWR6YcbszEQg5ozpabC1YclCZg8cQxWw9INyXa_kfPpoRJH2TvRPm0pJ3R7hkSV4STq023oV4c&sig=Cg0ArKJSzOP948ID4eoaEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A52C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fd4da7247486719a21a8928dd19967e334508db11ba651dff763dd34d16a1e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 621C 0
21 B 32ms
32ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLUww3rbz3lX6q0ERsN0ZO9MpB9gVof-VlcFoXIkDCdY8Pb2Ad4URuJiZvYQHA7atIxoJ2zH3POREvIcnQl9ml3fqIM7lpEKUXVPtxKjFgMy-R-u4szRZirIU9HUSi-oMH4t8-EF59l6Idwfj7KU2yCkWf4olEWWo8Pnp6p-pPEpkTheRlRJx8r-FZsB7KeDinVXnEDNfebiY8wpcmiYoTWji4h-qTeGUGSG-be2M41cENQsEVy_z2gSjgp6yTGoSxwL9FLB4EfV1Nv1KPKoWs7k-TaZY&sai=AMfl-YQQgDllvY64uhLqOurFY64Z4vyEfmtpQIB2aCgK2zLwklk2-5gypaVmjTj-yy9CTG-eHjU_vlpc3Ci0zzLFhaG3houmFw27oZHoUHNS0ji8xpItKWzW6w_RNCvPhg8&sig=Cg0ArKJSzN6SsRdY6nj4EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 621C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48db21aa65b5d769a6be735fc4eae9ace64e71a7819aa8d0390dab6cb5e6287

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 818F 0
21 B 33ms
32ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG5Jr9Gk6b3Kh2DQEkic96HFEYwKXo2niTvYCyk4450rNbSDqdVmG8fohQ2cc2y8x-8tiZNEEJ54XT351FCFUfqT5RO9Woui0WQvMJXvaE7687mK1HIIQU4zjbOG72Vd3xAtodlQluwOADqcCfRAbVs24vTwySsyzKcYT5eaZYeAQ_KkcnxgdEUOxmI_IHWqGWdqrJRnc-DCUYHfeh8Ulpc8s20318f3z-s7ea-LJgyNFo72H7J7abnH_LASGdtoFGkWXn1UY7GfP50t_i3FtfLr8l&sai=AMfl-YRaVWOcJay-mlG2eoVXJrRk_yrwzvUwBywu8sFlqQoYPhBJWFL_-JuV5BaEi79wF4zcmAcj47hsJZCXsOL_2S_D4SvXiZXm9KGGKFHndE6hhXAObRZOlEueHrTfO-o&sig=Cg0ArKJSzGaNxr4H01nPEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74D8 0
44 B 33ms
32ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVZfiwiIeWzFsuFFWCrFASz_XNVZ3D2mCG_mOYmFBmvSW4yQqiOQRg-8jxeqL5GMvWfQvQLN1L1umlv5qJcUzkOQ5v8YrexJO7ukcJhwxy85tm1aVE_Ix-UoD3INDZZyYrbp_r9XJi2DripPe79dneFDaQ3xzPKDAe3pxOO-FJ9rFpctrpy8CHGFZ-gVhnZ8fcHUWFgoNLh7LUgKYIwAS_p1cLGMekMB8KgGQcaIgNqC6dAawcU7eBBXmaeFJExzHZa_L5nmOrK4YJnKnm1g&sai=AMfl-YRI438ycgWup1fEYPR8KmpyHPpo43-VDKjhAITwY9zI_vlTQZnoV7TbOj3n-nh_UkZBqzQ0bCJE--56mzWveCa0UHsncP9jZyNVzF7laitGBDLNetcuiyRmHHn-M1k&sig=Cg0ArKJSzOy3j2DH7yL0EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 74D8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9462d3ddb05a216970427fac8295993891b9ac9935ef45c876ec9493d7cdc94a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.d70637fa1c39d358d2553bf476f09a98.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 66ms
35ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.d70637fa1c39d358d2553bf476f09a98.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 189877
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 22103
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 20:15:50 GMT
server: cloudflare
etag: "5f7b7ef6-5657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76beedd0000073e0cb07200000001
accept-ranges: bytes
cf-ray: 5dec15c49bcc073e-FRA
expires: Tue, 05 Oct 2021 20:43:43 GMT

GET
H2 200 common.bundle.e07f4f02bedd02259fb3f3e092970560.js
c.disquscdn.com/next/embed/ 0
88 KB 67ms
36ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e07f4f02bedd02259fb3f3e092970560.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3359287
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 89940
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Sun, 30 Aug 2020 04:13:44 GMT
server: cloudflare
etag: "5f4b2778-15f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76beedd0000073e0cb08200000001
accept-ranges: bytes
cf-ray: 5dec15c49bcd073e-FRA
expires: Mon, 30 Aug 2021 04:20:17 GMT

GET
H2 200 lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js
c.disquscdn.com/next/embed/ 0
113 KB 51ms
21ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 100796
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 115097
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 21:17:56 GMT
server: cloudflare
etag: "5f7cdf04-1c199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76beedd0000073e0cb09200000001
accept-ranges: bytes
cf-ray: 5dec15c49bce073e-FRA
expires: Wed, 06 Oct 2021 21:28:27 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
8 KB 426ms
15ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 53
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 7281
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 2422 0
0 294ms
126ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&t_d=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&t_t=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Connection: keep-alive
Content-Length: 2712
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 10 Aug 2020 08:03:43 GMT
ETag: W/"lounge:view:7840541092.f953e7201cb605d947e32d8d907343c3.2"
Content-Encoding: gzip
Date: Thu, 08 Oct 2020 01:28:25 GMT
Age: 7
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
2 KB 34ms
34ms Script
application/javascript 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&pv=1602120505523_zg4z0cwmj&bl=en-us&cb=3703535&return=&ht=&d=&dc=&si=1602120505523_zg4z0cwmj&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a21d1aad3df97576330e436a0161a431c989d3da14a3bc2829f615a5c6182811

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 520ms
174ms Script
application/javascript 3.89.179.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=892020
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.179.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-179-232.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 09 Oct 2020 01:28:25 GMT

GET
H2 200 bundle.c1414569ae0d48cdd8c614158295e905.js Show response
vue.comm100.com/js/ Frame A373 1002 KB
243 KB 43ms
26ms Script
application/javascript 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Requested by: Host: chatserver.comm100.com
URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1361991
x-powered-by: ASP.NET
status: 200
content-length: 248284
cf-request-id: 05a76bf0e900009d06d1802200000001
last-modified: Tue, 22 Sep 2020 07:08:27 GMT
server: cloudflare
etag: "80a7d2baf90d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5dec15c7daed9d06-AMS

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613665788828844043&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665788828844043&redir=

42 B
915 B

35ms
35ms

Image
image/gif

34.251.184.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665788828844043&redir=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.184.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-05a0c13e3.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: p0GOwv2YS9g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: h2rznfgQQwg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665788828844043&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3613665788828844043
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzY2NTc4ODgyODg0NDA0MxAAGg0Iudb5-wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=1d594d98e1de5140842fe9eb1a9a746a91d2d70135a0a675ce9198a53f670fe9f4cb09cee1a4f8eb&person_id=3613665788828844043&eid=50082

43 B
312 B

34ms
34ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=1d594d98e1de5140842fe9eb1a9a746a91d2d70135a0a675ce9198a53f670fe9f4cb09cee1a4f8eb&person_id=3613665788828844043&eid=50082
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:28:25 GMT

Redirect headers

date: Thu, 08 Oct 2020 01:28:25 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=1d594d98e1de5140842fe9eb1a9a746a91d2d70135a0a675ce9198a53f670fe9f4cb09cee1a4f8eb&person_id=3613665788828844043&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6ade344b-abdd-4e2a-bab5-0901459c943b
https://ml314.com/csync.ashx?fp=6ade344b-abdd-4e2a-bab5-0901459c943b&person_id=3613665788828844043&eid=53819

43 B
312 B

34ms
33ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6ade344b-abdd-4e2a-bab5-0901459c943b&person_id=3613665788828844043&eid=53819
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:28:25 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:28:25 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=6ade344b-abdd-4e2a-bab5-0901459c943b&person_id=3613665788828844043&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 08 Oct 2020 21:28:25 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665788828844043
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665788828844043
https://ml314.com/csync.ashx?fp=ff5af12fdc3c1a6fbb46a75a5b763f17&eid=50146&person_id=3613665788828844043

43 B
312 B

34ms
33ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=ff5af12fdc3c1a6fbb46a75a5b763f17&eid=50146&person_id=3613665788828844043
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:25 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:28:25 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:25 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=ff5af12fdc3c1a6fbb46a75a5b763f17&eid=50146&person_id=3613665788828844043
cache-control: no-cache
x-server: 10.45.15.199
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

0
344 B

23ms
22ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=r8hrb20&t=gif
Date: Thu, 08 Oct 2020 01:28:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame A373 996 B
888 B 740ms
709ms XHR
text/json 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 01:28:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 548
cf-request-id: 05a76bf17c00009d06d1806200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5dec15c8cb0e9d06-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8384 42 B
269 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZJOTooYSTBtlgCdaoLALIj4Qm_UrGc2eHRELHZDJ_23wXQLFQQxZLpywj06LwCaMShy8YAyJcIr8OSTnRIMJYwETRK8BaqucpJdoYu5g&sig=Cg0ArKJSzH18_U3yY-2dEAE&adk=592806581&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=587,1040,837,1340&postrxl=1&mcvt=1008&rs=0&ht=0&tfs=246&tls=1254&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=6&niot_cbk=243&md=2&btr=0&cpmav=0&lm=2&rst=1602120504644&dlt&rpt=387&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1251&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201007

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4366 42 B
65 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYOnjB3cBYgomdcZw6snZDmq4QgQNJmO8W-QL_QL8zH0Wa30kcK2ZSjrkTTFwolHnNGunN6LQlGlXkG9H8xYVhO2RqzyXbcFHaNGUPDzI&sig=Cg0ArKJSzGAQ63blKUIEEAE&adk=606436291&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=71,636,161,1364&postrxl=1&mcvt=1010&rs=0&ht=0&tfs=237&tls=1247&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=233&md=2&btr=0&cpmav=0&lm=2&rst=1602120504642&dlt&rpt=406&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1246&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201007

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 74D8 42 B
65 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLlEt9pQCUk6Mpl3BDB6E3QstS30y1_Z2bcWC7VF5AMe5WoF0xiA4PzkA6yX45N51IlXYJ9sngPP7ZFBXNpcwmiSoZrX2c_yIC4w3dPBQ&sig=Cg0ArKJSzH7-zo06my8JEAE&adk=3463778582&tt=-1&bs=1600%2C1200&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&p=323,754,377,970&postrxl=1&mcvt=1029&rs=0&ht=0&tfs=105&tls=1134&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=75&md=2&btr=0&cpmav=0&lm=2&rst=1602120504693&dlt&rpt=322&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1133&is=216%2C54&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=216x54&itpl=3&v=20201007

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame A373 1 KB
1 KB 738ms
737ms XHR
text/json 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f2caa3c710897ddb79bdbdaadbb07957517c4bacfa00ab1b19e45e4a53318ed1

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 01:28:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 723
cf-request-id: 05a76bf44700009d06d1811200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5dec15cd3bd29d06-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 2 KB
979 B 133ms
132ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.desktop.r2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 595

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eba19e65165ce8cf52a11df3fcfbe2bb497d0e01115004cc7c5cf0c3398e4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6737
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 818F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9379623abd574d27f5f35cdb70312df2ef4d6f92a25601403f4518095b8d45c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 104ms
33ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:26 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 107122
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1044
x-llid: 6fc33885a8d9ce5ca7ace975f9c5d0be

GET
H2

204

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7

0
191 B

75ms
26ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 08 Oct 2020 01:28:26 GMT
cache-control: max-age=0,no-cache,no-store
expires: Tue, 11 Oct 1977 12:34:56 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

status: 301
content-length: 0
location: https://pixel.sitescout.com/iap/64ead273d1f41aa7

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:28:26 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 5E5B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 07 Oct 2020 23:00:52 GMT
expires: Thu, 07 Oct 2021 23:00:52 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8854
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 9664 0
0 43ms
25ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 204
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 08 Oct 2020 01:28:26 GMT
server: AC1.1

GET
H2 200 dabbb58b17f5118e
pixel.sitescout.com/up/ 43 B
267 B 719ms
699ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100201&jk=1285731632229516&bg=!Xl2lXX3NAAWYAzhQmFiv-DLIzc6SoAIAAABDUgAAAA0KAX4TTJq52DNqJeDgYZVDkvVDR2xXu7zhM5itSdKyzpLwyz16lKaJ7gdOGJLHvJdHo2CmtfaG5QWjg3wC5OjsywjJJ7C5-ggcRedxe3qGy9-BsWLEPs1yU8dE3rd3N1Dfj2GAbTu0wwGfmwOaemOY1Po5EVDo6B4axL7myDJFrOe8IS_lLA55AZOLO62QwNk6GtCc6DBSB6pQX-FrbTO-WBo9U2tosUlKqHD5oBHeAil7bL3bJ99-OkvxaBG8Aa16OUg3U9t33MdoK7xbSSuoQBA-v7tUU4BgWaymy2rEiGNdUgDtFEd5q5gBSPQZzeRiQc1dskdH9tMg3p_X5O7DZ7hGX4jBZhwLHafvNiwCKFgleJXUcGqDk1T1Zoi53eHFnLG059iSavViX9qirakmXQeJmLSVkTsC6IYF8i7KwotPCN7FfpBr8O3NIM9F8bJCYvWy63kdicKrVUg42eIasmupe52e7tlBsOeh0_0VSjheml2DNAe00Kpy8MOjX6a7mQHmkauOXuvfAgBlvhz0aLXyjqiPTV8nczuy3bnd_uigOdQGgSsGFU1OdDb-rm1bYFIfuf7AhqbEyA9_uq0-3e09cXMYNfKmAD_qPNVnsCt0g8OrXrGepbOOGFVKtqol_anNjcoS7yrpD5Vd7Yz2DKC5VUQvLB76ohlztF_HFk5nFY7FLmN9FPNJ6cAygrdJe-lp_gbb_-nVPtF6ocRhJpaz0k9zhIkSlt_WqfbqbPuEVCFIIKfwtykvtGDHnLzl93DpamuI3EOhBY9xQ-vaV2o-rKww0BoMe1w-g8RZ37O-Uo_mltsmUCaut9g7WZPfediW1v_vkpY3wyhWzOMxz9sdHWgKF6sHpx6rHDjjH4dmkw8SN_-BeYpFB-eFm3M8xTHk1kWKaLV24Fdn2nkY1F6qnEClJlaAPQKeKtUGOybq_yM8Vj34eFFWV8iKK4kC1eryfAJEYWEIPmAk1ot-lN4mkdPEC8jSid7_mbhnJhESt0bF3BIWC5DNsj0oN8wO2jSk-oC__P-ulbAYfH5YyV6cjbX3FvfZkunOj5Q5uSl_QqBuVGvfJmfY5QHcUWS3a31zgLBbmIrjAol3mEyzW6mrYxP1ZloeBAEZv7tjj7KJZIFs1T_ACHd1Tp-uXj9gdfZbAmTg5KfU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 campaign.ashx Show response
chatserver3.comm100.com/ Frame A373 6 KB
3 KB 767ms
731ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/campaign.ashx?siteId=92035&campaignId=1275&lastUpdateTime=75567E86D28614B61879350BF24B10CF3D5F2F97D558627059BACCEACEA691D0
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:28:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 2617
cf-request-id: 05a76bf7510000fa648e15d200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5dec15d219e1fa64-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 818F 42 B
88 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhW6CYipbGOlIOx8UyTnWAe23617cid2dt2LXEBFzZwrwepO55DXYcsar8n-aI1emPedv_umcZK7P8-rujHZJnzjn3TTDKL5SSqTMnN1I&sig=Cg0ArKJSzIGqTm6UbW9ZEAE&adk=3082656849&tt=-1&bs=1600%2C1200&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&p=168,480,648,1120&postrxl=1&mcvt=1019&rs=0&ht=0&tfs=1886&tls=2905&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=2&niot_cbk=158&md=2&btr=0&cpmav=0&lm=2&rst=1602120504693&dlt&rpt=359&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-29-2-28-28-0-0-0&tvt=2904&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=29&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:28:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK imsync.ashx Show response
ml314.com/ 17 B
427 B 34ms
34ms Script
text/html 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=3613665788828844043&data=eyJwaCI6OTQ5Nywid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNjAyMTIwNTA1NTIzX3pnNHowY3dtaiIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

GET
H/1.1 200
OK imsync.ashx Show response
ml314.com/ 17 B
427 B 34ms
33ms Script
text/html 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=3613665788828844043&data=eyJwaCI6OTQ5Nywid2giOjEyMDAsInRicyI6MCwiZHQiOjMwLCJwaWQiOiIxNjAyMTIwNTA1NTIzX3pnNHowY3dtaiIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:28:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://contact.alsid.com/e2t/tc/VVYRZk7fklQzW6Tky514llp_CW8fXtNV4gWkP0N5l4bkh3p_9LV1-WJV7CgTQcW4jF-Q23xKxTtW2-6Yqb8v5D8_W8pRjgr329Cq4VwFVd11hjBBTW3m3rb_63H2SQW3JR8Y18vldWwVwQpCg6MtfzvW5bv-NY323yWkW9bbzZT2-GwPWW6kcnxX46FG-yW2-mj0T7y6_wPW353C9X4wtnMJVwkXgB6YBvTxW8vzqJD66qFJlN4L1LBWgFMvSW165ZR-7714BlW6FzX046jJ02jW4DGPsV6zd6N9W1Q_hTG7yVh_RW3hB7-17f-HrtW63KklB495j22W3_Nc578XjqnRVd1zP049MqVlW6Jbfg_5k2_c2VFVP036n8XGpW1zg3sG2QzDjrN4yyPV3wb5XxW2w4F9Q3m6mqw35wM1(Line 13) Message: toS
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
051-zxi-237.mktoresp.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
c.disquscdn.com
cdn01.basis.net
chatserver.comm100.com
chatserver3.comm100.com
contact.alsid.com
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com
disqus.com
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
f390373f8323dfa8d6af1b39e1633bd7.safeframe.googlesyndication.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
m.addthis.com
match.adsrvr.org
ml314.com
munchkin.marketo.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
platform.twitter.com
ps.eyeota.net
px.ads.linkedin.com
s7.addthis.com
script.crazyegg.com
securepubads.g.doubleclick.net
sjs.bizographics.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
v1.addthisedge.com
vue.comm100.com
worker.ismgcorp.com
www.bankinfosecurity.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
s7.addthis.com
104.109.95.62
104.130.251.6
104.20.4.43
104.20.5.43
13.224.186.208
151.101.12.134
151.101.64.134
172.217.16.194
178.79.242.181
192.28.147.68
2.18.233.88
2.18.235.40
23.210.248.44
2600:1480:4000:e5::
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6811:83b4
2606:4700::6812:a813
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
2a00:1450:4001:814::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2008
2a00:1450:4001:825::2001
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9c
2a02:26f0:2b00:7b2::3adf
2a02:26f0:6c00:296::25ea
2a05:f500:10:101::b93f:9105
3.121.27.153
3.89.179.232
34.120.207.148
34.249.122.179
34.251.184.34
50.56.167.254
52.210.253.186
63.33.218.134
66.155.71.150
0403c515c5536112b5861d54cac246d18459deda44b39a5a2c5df9de61fb1d31
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055097971005ebe69e878dcac676ffd374023b00105fe44f9eacab592125d26d
073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab
0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c
0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1436c906c0691c6d7e77c015f3f454e1c3df917404c2b96171d5e7e899aa3c84
199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8
1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0
1e2d056273fc351e8e5a737598ed3183123f0e3eb949e79892d5fba36394b804
1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e
22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be
23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221
247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b
29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2eba19e65165ce8cf52a11df3fcfbe2bb497d0e01115004cc7c5cf0c3398e4f9
3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61
35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf
3b7d6d0424c30819e0b26d96c8b56b8e4676ac5d653068ff62bb98eca8996ffd
3bd0b92cc518315c75682e4d5224b205a2342a9ef0211f691b75e7ea53ca03a9
3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
498fca4d26545e4c880c6274f52fa51fe3969ab1e00adb93b8bb0758ae0bb6f7
4ac70c25427ee4c5d8aab662e578c8a41238bed58fabf9a5e007f40ce2f18332
4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08
4b76b0645873cc7483c348bf007931e8a0dc7a66b9edee5df59d3c286f5bc3c9
4bb5458a327e2c07911e9c3a33615af83428c2682fab4abc0a691154440801be
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4c94fa29d3b37f82784d105b9589ab49df1abfc4bd944c1439ed948dd702c7b9
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac
4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
52b6282ec22c7e5d1e7053d40b0bf220227931f84ee7a2504cbe29f63581e25a
532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f58cd7e45b2163d52f7c4f5ec1ff75b21a8e58a7b646da8236bccd95d16f65b
5fec84428e2f011dcfcafc98d11e591d983959534aa6e668f56f4ef00854af79
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea
6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6
69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d
6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5
6c1a21feb1114f6d296c5c99d1aa98537ce87157c91c1e09552544bf1e79b11e
6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
6fbbe23fd5c7169008f0344223770976f0284da565346d05f27c5d962c536d57
6ff6fc40d92ba4d4853b2b4eda1bad70484a85cceb9bb371d6430b0445d2d944
73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b
75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058
7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548
7f59c27c1725a063adf2ea814ff0a1e3425e732c4cb7ad0baea3ddae5b721085
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
80b3a7b8fa2f7513527e5cd22e7674136d237c8382debb79fd57acd70896ea6c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8bca57519350180478d4a8bda6c1e2d99ceec3257e484459055119da25d71aa5
8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17
8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e
8e60fab2e2b9c19d242fec6e050287e77a856131745637ba776d3e6a3412023c
8eb20e5580f80d3c0b7774df6da9c8b577407a05ee76a4433bd0e095d31fba59
8fd4da7247486719a21a8928dd19967e334508db11ba651dff763dd34d16a1e0
8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b
9379623abd574d27f5f35cdb70312df2ef4d6f92a25601403f4518095b8d45c5
93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
9462d3ddb05a216970427fac8295993891b9ac9935ef45c876ec9493d7cdc94a
948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60
94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e
94e40663a83143c2010ea693d43dc3bade38bc2d1b2e52b838a86b1e5ef6c324
970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d
977ad6f0040516963fa6ffe06a02895625f91a75f548524f164f69a9c9c33f05
98325235dc6cd150b94dff11d7715e0db78f9c32f5371151aa1c519cadc27f7f
98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46
99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa
9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a21d1aad3df97576330e436a0161a431c989d3da14a3bc2829f615a5c6182811
a2dafcf75177e09b7505be612ceec9add31f1b0ebf8c8f196d38d73ef2172f24
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5f40c4ade80ce99185995716977cf6f3d461815e79ec2a4279e605a63fc2047
a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d
a7a4bbb8d67be3c9f040e20e99ab132b9af6f99971d112f74751aa3347d15807
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
aa6bb99958c99668c815297194ee751e59e73141765c5a41e4d113313bc0fb0f
ac2ac2084346826fbb41f65bad30bac38ae3a51e240399e5f653e5307fe46d18
ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b876145950a32bf33e85c949aaf29db47402fbffd0f3a969e45fa83b58ac9c67
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de
ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f
baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46
bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e
bf3b919c876674e37869a3b13b80331adeaab41c7bd1b748e62129ffa4dcacf0
bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414
c09cf4b6a8d7250fd79637fba66286b2b6f61582a5ae71894e1506d302e6cd38
c1fd1157140962871adabb2c4dcae806e3acadb8cd672a995c9a1675e963562b
c423887010b3cbe0875fb78bf1e60e551106805075dd38b3150d8ecc4c20fbd0
c48db21aa65b5d769a6be735fc4eae9ace64e71a7819aa8d0390dab6cb5e6287
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43
cb5b342fef792e0966f734e1aaf8ca27f9411bb3b11cdf0d0c42daccc83359ee
ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d12f6cf7edbff2f3c822ab34097959439742be46dbef07aa645929594ec1f58c
d4295a82589cbed7f7871b30bc190ecbb6d985b3c30a5e63ebf891b3b1a88955
d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac
d93f11b9b3c1c2e17e0ccfc61fbec9d56bc19b43afed81580b28da4abf41c3c4
d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2
dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279
dcf700ba5224dd4f3d1267daa6665215dcccc63b68589ea33b7349899561a686
e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c
e1e054a920ed9c95bdcf34bccbc0861a8d847cd0b67374472971666c31646f7f
e23cd6ec036d05a916661b49f4ecd66267741eaca34726213635cad53239c067
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e77aff24d02c37edcbeb68b5e565a43367436a996f37b8d8df26c8fa6a368805
e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a
e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6
ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d
f0f87842d5f5ddd7b3c1f2ced30c670e494e075769cd798c1c81bd92831121ac
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af
f2caa3c710897ddb79bdbdaadbb07957517c4bacfa00ab1b19e45e4a53318ed1
f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963
f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6
f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c
f52831041e56692711b8cef37ed2b9efd1e7a57244700662956ba76ee75e37fc
f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

www.bankinfosecurity.com Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

247 Requests

96 %HTTPS

49 %IPv6

36 Domains

56 Subdomains

40 IPs

8 Countries

10919 kBTransfer

17884 kBSize

0 Cookies

74 Outgoing links

Page URL History

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

96 %
HTTPS

49 %
IPv6

36
Domains

56
Subdomains

40
IPs

8
Countries

10919 kB
Transfer

17884 kB
Size

0
Cookies

247 HTTP transactions
0 data transactions