www.computerweekly.com Open in urlscan Pro
206.19.49.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Submission: On March 23 via api (March 23rd 2021, 2:20:50 pm UTC) from US

Summary HTTP 169 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 51 IPs in 5 countries across 27 domains to perform 169 HTTP transactions. The main IP is 206.19.49.153, located in United States and belongs to ATT-CERFNET-BLOCK, US. The main domain is www.computerweekly.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2019. Valid for: 2 years.

This is the only time www.computerweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	206.19.49.153 206.19.49.153	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
23	163.171.129.149 163.171.129.149	54994 (QUANTILNE...) (QUANTILNETWORKS)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:d800:e:5a70:ca47:86e1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.64 13.226.159.64	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.54 13.226.159.54	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	206.19.49.191 206.19.49.191	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	18.158.31.168 18.158.31.168	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.70 13.226.159.70	16509 (AMAZON-02) (AMAZON-02)
1 1	206.19.49.186 206.19.49.186	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	34.192.142.95 34.192.142.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:218... 2600:9000:2182:e400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.67 13.226.159.67	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.75 13.226.159.75	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	54.225.165.85 54.225.165.85	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	54.88.207.148 54.88.207.148	14618 (AMAZON-AES) (AMAZON-AES)
2	34.192.124.255 34.192.124.255	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.159.24 13.226.159.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5 8	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	13.226.159.56 13.226.159.56	16509 (AMAZON-02) (AMAZON-02)
13	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	18.204.252.33 18.204.252.33	14618 (AMAZON-AES) (AMAZON-AES)
6	2a02:26f0:10c... 2a02:26f0:10c:49e::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	213.254.244.20 213.254.244.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	99.86.3.47 99.86.3.47	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	213.254.244.17 213.254.244.17	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
169	51

1 206.19.49.153 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)
PTR: searchsites.techtarget.com

www.computerweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 163.171.129.149 (United Kingdom)

ASN54994 (QUANTILNETWORKS, US)

cdn.ttgtmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:d800:e:5a70:ca47:86e1 (United States)

ASN16509 (AMAZON-02, US)

cdn.flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-64.dus51.r.cloudfront.net

gdpr-tcfv2.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-54.dus51.r.cloudfront.net

ccpa.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.191 (United States)

ASN7018 (ATT-INTERNET4, US)

users.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.31.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-31-168.eu-central-1.compute.amazonaws.com

consent.computerweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-70.dus51.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.186 (United States) 1 redirects

ASN17225 (ATT-CERFNET-BLOCK, US)

go.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.192.142.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-142-95.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:e400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-67.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-75.dus51.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.165.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-165-85.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.207.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-207-148.compute-1.amazonaws.com

ccpa-service.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.124.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-124-255.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-24.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.90 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-56.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.204.252.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-252-33.compute-1.amazonaws.com

ads-v2.spotible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:10c:49e::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20223.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20225.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-47.fra6.r.cloudfront.net

cdn.spotible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.17 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps20234.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com tpc.googlesyndication.com	464 KB
23	ttgtmedia.com cdn.ttgtmedia.com	528 KB
22	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	150 KB
16	doubleverify.com cdn.doubleverify.com tps.doubleverify.com tps20223.doubleverify.com tps20225.doubleverify.com tps20234.doubleverify.com	274 KB
13	google-analytics.com www.google-analytics.com	20 KB
10	google.com www.google.com adservice.google.com	24 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	359 KB
8	spotible.com ads-v2.spotible.com cdn.spotible.com	124 KB
8	adnxs.com 5 redirects ib.adnxs.com	9 KB
6	googletagservices.com www.googletagservices.com	190 KB
5	dpmsrv.com a.dpmsrv.com s.dpmsrv.com	55 KB
4	sp-prod.net gdpr-tcfv2.sp-prod.net ccpa.sp-prod.net ccpa-service.sp-prod.net	63 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	computerweekly.com www.computerweekly.com consent.computerweekly.com	112 KB
2	nr-data.net bam-cell.nr-data.net	1016 B
2	google.de adservice.google.de	482 B
2	chartbeat.net ping.chartbeat.net	337 B
2	privacy-mgmt.com cdn.privacy-mgmt.com	2 KB
2	googletagmanager.com www.googletagmanager.com	113 KB
2	techtarget.com 1 redirects users.techtarget.com go.techtarget.com	2 KB
2	flipboard.com cdn.flipboard.com	8 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	googleadservices.com partner.googleadservices.com	411 B
1	ipify.org api.ipify.org	263 B
1	chartbeat.com static.chartbeat.com	14 KB
169	27

	Domain	Requested by
23	cdn.ttgtmedia.com	www.computerweekly.com cdn.ttgtmedia.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.computerweekly.com
12	securepubads.g.doubleclick.net	www.googletagservices.com www.computerweekly.com
10	pagead2.googlesyndication.com	cdn.ttgtmedia.com pagead2.googlesyndication.com www.computerweekly.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	ib.adnxs.com	5 redirects
8	www.google.com	www.computerweekly.com www.gstatic.com www.google.com securepubads.g.doubleclick.net
7	ads-v2.spotible.com	www.computerweekly.com ads-v2.spotible.com
6	cdn.doubleverify.com	securepubads.g.doubleclick.net www.computerweekly.com
6	www.googletagservices.com	cdn.ttgtmedia.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	stats.g.doubleclick.net	www.computerweekly.com
5	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
4	tps.doubleverify.com	cdn.doubleverify.com
4	fonts.gstatic.com	www.google.com fonts.googleapis.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	a.dpmsrv.com	ajax.googleapis.com www.computerweekly.com s.dpmsrv.com
2	tps20234.doubleverify.com	cdn.doubleverify.com
2	tps20225.doubleverify.com	cdn.doubleverify.com
2	tps20223.doubleverify.com	cdn.doubleverify.com
2	bam-cell.nr-data.net	js-agent.newrelic.com www.computerweekly.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	ping.chartbeat.net	www.computerweekly.com
2	ccpa-service.sp-prod.net	www.computerweekly.com
2	cdn.privacy-mgmt.com	www.computerweekly.com
2	consent.computerweekly.com	www.computerweekly.com
2	www.googletagmanager.com	www.computerweekly.com www.googletagmanager.com
2	cdn.flipboard.com	www.computerweekly.com
1	js-agent.newrelic.com	www.computerweekly.com
1	cdn.spotible.com	www.computerweekly.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	idsync.rlcdn.com	www.computerweekly.com
1	cm.g.doubleclick.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api.ipify.org	www.computerweekly.com
1	s.dpmsrv.com	cdn.ttgtmedia.com
1	static.hotjar.com	cdn.ttgtmedia.com
1	static.chartbeat.com	cdn.ttgtmedia.com
1	go.techtarget.com	1 redirects
1	users.techtarget.com	ajax.googleapis.com
1	ccpa.sp-prod.net	cdn.ttgtmedia.com
1	gdpr-tcfv2.sp-prod.net	cdn.ttgtmedia.com
1	ajax.googleapis.com	www.computerweekly.com
1	www.computerweekly.com
169	47

This site contains links to these domains. Also see Links.

Domain
www.techtarget.com
users.computerweekly.com
www.facebook.com
twitter.com
www.linkedin.com
share.flipboard.com
api.addthis.com
www.sophos.com
searchsecurity.techtarget.com
news.sophos.com
id-ransomware.malwarehunterteam.com
www.google.com
searchcio.techtarget.com
searchnetworking.techtarget.com
searchdatacenter.techtarget.com
searchdatamanagement.techtarget.com
media.bitpipe.com
reprints.ygsgroup.com
techtarget.zendesk.com

Subject Issuer	Validity	Valid
*.computerweekly.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
ssl.cdngc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.flipboard.com DigiCert SHA2 High Assurance Server CA	`2019-11-02` - `2021-11-15`	2 years	crt.sh
*.sp-prod.net R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
consent-eng.brianmadden.com R3	`2021-02-15` - `2021-05-16`	3 months	crt.sh
*.privacy-mgmt.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.spotible.com Go Daddy Secure Certificate Authority - G2	`2019-11-04` - `2021-11-04`	2 years	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Frame ID: E51DEB60DDB102D28F6A83C137FE5546
Requests: 103 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75
Frame ID: 9AD1D486D673DF9F029446F5887931E6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html
Frame ID: F940C43E1547BD026E9B2321D4E4F87F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 91B2B93C31944978851677E7D086707C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&h=280&slotname=8728364240&adk=2592093652&adf=675987550&pi=t.ma~as.8728364240&w=1200&fwrn=4&fwrnh=100&lmt=1616509225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616509224563&bpp=48&bdt=2740&idt=833&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5446219641815&frm=20&pv=2&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aIUqanDLvU&p=https%3A//www.computerweekly.com&dtd=927
Frame ID: D67D2D9054ACC5A4D0EB03386FBFBF85
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&adk=3355495575&adf=2226393769&lmt=1616509226&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ea=0&flash=0&pra=7&wgl=1&dt=1616509224612&bpp=4&bdt=2789&idt=1707&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5446219641815&frm=20&pv=1&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1731
Frame ID: 087B21A90D7E6918DDE98C6558C361F3
Requests: 1 HTTP requests in this frame

Frame: https://ads-v2.spotible.com/tag/universal-tag.js
Frame ID: C829AC5B3616FE2948CCAF732CD94FC7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRtTqy-7yhJ7XcilBvtG7u0rlkjdoGWbIUEUZmPbLWDDwcl1N684fqOeMgmZSCLBhz3yhCrtIPbxCxdG3bS90pUKHK7h--w62Ce1ARgQgXs22yFymKDxh-Zj2_Szko5IsauixYnw3TUGr58cqbyws2lb_Y4F72hXeyxc_2XjV5jMRWyjvIw5eN8Zg5mmvWlrEJ1E8MSgnnVbxjPtJh09yyoqit42BA5SSLuanrSAPLUxTWhQe1VkOZ6hMJcEZB7hMz_Dj7TtFkwTaoy-u69_tbRQLODLktZFYYa4CbtJzSog&sig=Cg0ArKJSzLsZHjuagznNEAE&adurl=
Frame ID: B775D93304C35CBC40209640FF1D44DD
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_fRmKqiCBQR1fJLXKgkfDQoeZlL1gSK3cFrjFH6G198b1v-683iipBByh33j5x2jayvhF5wAVxb-9tih8nX667qDDAXVAhv6nDEchbyruVc0hTbjHsOA2I9M2BvVpbWNDVnZVnbGknI8TC24K7HbIWMoblh0AASwYuG2Sx0TcNc2OwDI-wTNkJz_-jJZIepuE1MwhkqiYi614Y9PcvB9_3xNMlnmmYI-R0s2TR2v_2rOq6oWsGZGTxiaU_JScQOB1i-gFrZY6yOV-Pnwl-ATGW8TvCIWN2TT9gVE&sig=Cg0ArKJSzM1caNN7CD_QEAE&adurl=
Frame ID: C08BAA9D74E633B9564263A536C8A736
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstopjeMZ7pvK0rCX-6BINyXhxhCJzPaW3kkcM8TQ7d990bEaeU3JMYFxhrrAnbNeBYHn5MT8idfn4NYrV19jDYmeeV75gbIPkxG1kBMmSQs2AqDQzNGxkR5cYXYYVgEQeqOENfsbmlC5BfdeTYwhPP56Y6IsWZMNvt4s_HfVBBFBnE8iIQ0OFs4uZOKCBpIYKHmsyb_EhCkcmcemRFlQVuc8Q4kmJ3m_FXyoDspK5TtwBH7rc0qhbN1muZUCvaSRPd_vFP17RDyo3c1Ok8a6GPUffr3cExpAtups9Bh_iJvOQ&sig=Cg0ArKJSzEHL3FORngStEAE&adurl=
Frame ID: 9381A614C2D2D4BEEBF25901F693B1A4
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1146.js
Frame ID: 2118890548749986C10230426ACFE531
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1146.js
Frame ID: B41B579DA00C754B0AF3509AFCDC7532
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1146.js
Frame ID: 5885379B1AE36E33AB4284B334F401ED
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js
Frame ID: 1DFEED95820E811557975068DD8C92F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2966F14B4751841469C38A26793DA2A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

169
Requests

100 %
HTTPS

50 %
IPv6

27
Domains

47
Subdomains

51
IPs

5
Countries

2613 kB
Transfer

7350 kB
Size

1
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techtarget.com/network
Title:

Search URL Search Domain Scan URL

URL: https://users.computerweekly.com/registration/ComputerWeekly/LoginRegister.page?fromURL=https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Title: Join CW+

Search URL Search Domain Scan URL

URL: https://users.computerweekly.com/registration/ComputerWeekly/Register.page
Title: Register

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/html/cookie_policy.html
Title: Cookies

Search URL Search Domain Scan URL

URL: https://users.computerweekly.com/registration/ComputerWeekly/Register.page?Offer=HeaderLink
Title: Sign up for Computer Weekly's daily email

Search URL Search Domain Scan URL

URL: https://www.facebook.com/computerweekly

Search URL Search Domain Scan URL

URL: https://twitter.com/computerweekly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3089746

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&t=1616509222714&utm_campaign=tools&utm_medium=article-share&utm_source=www.computerweekly.com

Search URL Search Domain Scan URL

URL: https://api.addthis.com/oexchange/0.8/forward/email/offer?pubid=uxtechtarget&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&title=Unusual+DearCry+ransomware+uses+%E2%80%98rare%E2%80%99+approach+to+encryption&email_template=TechTargetSearchSites&ct=1

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&t=1616509222831&utm_campaign=tools&utm_medium=article-share&utm_source=www.computerweekly.com

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/contributor/Alex-Scroxton
Title: Alex Scroxton,

Search URL Search Domain Scan URL

URL: https://www.sophos.com/en-us.aspx
Title: Sophos

Search URL Search Domain Scan URL

URL: https://users.computerweekly.com/registration/computerweekly/LoginRegister
Title: login

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/privacy-partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://users.computerweekly.com/registration/ComputerWeekly/DisplayConsentText.page?languageCd=en&enText=true
Title: Declaration of Consent.

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/news/252497747/DearCry-ransomware-impacting-Microsoft-Exchange-servers
Title: in the US, Canada, Australia and beyond

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/03/15/dearcry-ransomware-attacks-exploit-exchange-server-vulnerabilities/
Title: More information on the DearCry samples analysed by Sophos can be found here

Search URL Search Domain Scan URL

URL: https://id-ransomware.malwarehunterteam.com/
Title: ID Ransomware

Search URL Search Domain Scan URL

URL: https://www.google.com/adsense/support/bin/request.py?contact=abg_afc
Title: -ADS BY GOOGLE

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/
Title: SearchCIO

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/feature/How-to-measure-the-success-of-agile-transformation
Title: How to measure the success of agile transformation

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/tip/5-ways-to-gain-the-financial-benefits-of-cloud-computing
Title: 5 ways to gain the financial benefits of cloud computing

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/feature/Ultimate-guide-to-digital-transformation-for-enterprise-leaders
Title: Ultimate guide to digital transformation for enterprise leaders

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/
Title: SearchSecurity

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/feature/How-to-set-up-Palo-Alto-security-profiles
Title: How to set up Palo Alto security profiles

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/feature/Authors-advice-on-Palo-Alto-firewall-getting-started
Title: Author's advice on Palo Alto firewall, getting started

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/news/252498156/Acer-hit-by-apparent-attack-from-REvil-ransomware-group
Title: Acer hit by apparent attack from REvil ransomware group

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/
Title: SearchNetworking

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/tip/Key-tasks-in-a-network-maintenance-checklist
Title: Key tasks in a network maintenance checklist

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/tip/Infographic-Compare-the-leading-SD-WAN-vendors-before-you-buy
Title: SD-WAN comparison chart: 15 vendor products to assess

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/conference/Cisco-Live-conference-coverage-news-and-analysis
Title: Cisco Live 2021 conference coverage, news and analysis

Search URL Search Domain Scan URL

URL: https://searchdatacenter.techtarget.com/
Title: SearchDataCenter

Search URL Search Domain Scan URL

URL: https://searchdatacenter.techtarget.com/news/252498045/IBM-tools-speed-mainframe-application-modernization-projects
Title: IBM tools speed mainframe application modernization projects

Search URL Search Domain Scan URL

URL: https://searchdatacenter.techtarget.com/tip/Nvidia-vs-AMD-Compare-GPU-offerings
Title: Nvidia vs. AMD: Compare GPU offerings

Search URL Search Domain Scan URL

URL: https://searchdatacenter.techtarget.com/tip/CRAC-design-upgrades-simplify-HVAC-maintenance
Title: CRAC design upgrades simplify HVAC maintenance

Search URL Search Domain Scan URL

URL: https://searchdatamanagement.techtarget.com/
Title: SearchDataManagement

Search URL Search Domain Scan URL

URL: https://searchdatamanagement.techtarget.com/news/252498060/Oracle-Autonomous-Data-Warehouse-updated-with-new-data-tools
Title: Oracle Autonomous Data Warehouse updated with new data tools

Search URL Search Domain Scan URL

URL: https://searchdatamanagement.techtarget.com/news/252498052/Instaclustr-acquires-Credativ-to-boost-managed-databases
Title: Instaclustr acquires Credativ to boost managed databases

Search URL Search Domain Scan URL

URL: https://searchdatamanagement.techtarget.com/news/252497970/Starburst-and-Varada-partner-for-Trino-data-platform-effort
Title: Starburst and Varada partner for Trino data platform effort

Search URL Search Domain Scan URL

URL: https://media.bitpipe.com/io_10x/io_102267/item_1107555/TTGT-ComputerWeekly_Media-Kit_final.pdf
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/
Title: Corporate Site

Search URL Search Domain Scan URL

URL: https://reprints.ygsgroup.com/m/techtarget
Title: Reprints

Search URL Search Domain Scan URL

URL: https://techtarget.zendesk.com/hc/en-us/requests/new?ticket_form_id=360004852434
Title: Do Not Sell My Personal Info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://go.techtarget.com/clicktrack-r/activity/activity.gif?activityTypeId=16&t=2240036641&t2=2240163303&t3=2240036660&t4=2240036667&t5=2240163309&t6=2240036639&t7=2240163304&t8=2240163310&t9=2240036659&a=2021-03-23%2010:20:21&g=252497918&c=normal&r=541871 HTTP 302
https://cdn.ttgtmedia.com/images/spacer.gif

Request Chain 54

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&sw%3D252497918https%253A%252F%252Fwww.computerweekly.com%252Fnews%252F252497918%252FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption%26q%3DxImp%26v%3D1.x%26cl%3D68%26pixelIndex%3D0%26r%3D815621%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.computerweekly.com%252Fnews%252F252497918%252FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&_=1616509224650 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26sw%253D252497918https%25253A%25252F%25252Fwww.computerweekly.com%25252Fnews%25252F252497918%25252FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption%2526q%253DxImp%2526v%253D1.x%2526cl%253D68%2526pixelIndex%253D0%2526r%253D815621%2526tzOffset%253D-60%2526url%253Dhttps%25253A%25252F%25252Fwww.computerweekly.com%25252Fnews%25252F252497918%25252FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption%26_%3D1616509224650 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1113658277350730709&sw=252497918https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&q=xImp&v=1.x&cl=68&pixelIndex=0&r=815621&tzOffset=-60&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&_=1616509224650

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651&google_gid=CAESEEMMM4dI8S9wm6YuBKdenuY&google_cver=1

Request Chain 167

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=21934503,21934500,21934498,19858027,2378844,7838491,7838492,7838563,7844583,7844585,7844587,8380284,2609968,2365326,19407840,21302742,22000745,22000743,22000748,22000746 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D21934503%2C21934500%2C21934498%2C19858027%2C2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C19407840%2C21302742%2C22000745%2C22000743%2C22000748%2C22000746

Request Chain 168

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=22000744,17275233,21728859,21728860,21756252,19087141,19000164,17946121,25062731,25147693,24554971,2433138,24323937,21855343,996243,1345723,1345710,1345724,1345719,1345727 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D22000744%2C17275233%2C21728859%2C21728860%2C21756252%2C19087141%2C19000164%2C17946121%2C25062731%2C25147693%2C24554971%2C2433138%2C24323937%2C21855343%2C996243%2C1345723%2C1345710%2C1345724%2C1345719%2C1345727

Request Chain 169

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=1345716,1345717,1345711,5648811,565952,14793258,17369550,13610887,12013010 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D1345716%2C1345717%2C1345711%2C5648811%2C565952%2C14793258%2C17369550%2C13610887%2C12013010

169 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Unusual-DearCry-ransomware-uses-rare-approach-to-encryption Show response
www.computerweekly.com/news/252497918/ 335 KB
111 KB 645ms
287ms Document
text/html 206.19.49.153
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

206.19.49.153 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),

Reverse DNS

searchsites.techtarget.com

Software

Resource Hash

0f6a4d354a385dc0617024b3165ecdf2fe2c1aa4838b41e345bfaeb28da5aee3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.computerweekly.com
:scheme: https
:path: /news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:21 GMT
x-frame-options: SAMEORIGIN
cache-control: no-cache,no-store,must-revalidate
pragma: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
content-type: text/html;charset=UTF-8
content-language: en
set-cookie: JSESSIONID=C9AB06593335702F45C53B81B70EE96F; Path=/; HttpOnly cc=1; Path=/ tt_gm=252497918; Domain=computerweekly.com; Path=/ f5_cspm=1234; TS017b6b21=012c664659360f1f763bfc6f36c928fd7944efadcf68661e54abb67ab3bdd6e1331173a74a2c3c024db481546fd293bc6182308e39b1b39afdf4e035d43a637d188c55c489fde1c9af75b7ccc5caf34a7b3db850139ecc681c16e7e8a6c56dcce1953ed6ea; Path=/; Secure; HTTPOnly TS01cf36ac=012c664659429365c6303b9ddbec1ea69209feb1a868661e54abb67ab3bdd6e1331173a74af747b35942076b2eb30ba28d0fdbfda738e509227bb26c3e9aa9598c495a3c01; path=/; domain=computerweekly.com; HTTPonly; Secure
p3p: CP="CAO DSP COR NID CURa ADMa TAIa IVAo IVDo CONo TELo OTPo OUR IND PHY ONL UNI NAV DEM"
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 10:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13812
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 10:30:10 GMT

GET
H2 200 main.css
cdn.ttgtmedia.com/rms/ux/responsive/css/ 819 KB
165 KB 204ms
68ms Stylesheet
text/css 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 2b0532fec9236eaf59fd56b1b20a8dcf2f342c31225f31c4e5a54f8fe43fe535

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 21:18:35 GMT
server: PWS/8.3.1.0.8
age: 411413
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30859
content-type: text/css
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON4zd14:7 (W), 1.1 PSygldLON2ni58:3 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2ni58LHR
accept-ranges: bytes
expires: Thu, 25 Mar 2021 20:03:29 GMT

GET
H2 200 gdprTCFv2-config.min.js Show response
cdn.ttgtmedia.com/cmp/sourcepoint/ 4 KB
2 KB 226ms
90ms Script
text/javascript 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/gdprTCFv2-config.min.js?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: c91c877732622b76a6d0e2b7e400b39bcde9c71eea14879a4ae8d369a940ad60

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 19:05:33 GMT
server: PWS/8.3.1.0.8
age: 411413
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30861
content-type: text/javascript
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON4ax12:10 (W), 1.1 PSygldLON2hl59:11 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 2136
expires: Thu, 25 Mar 2021 20:03:29 GMT

GET
H2 200 ccpa-config.min.js Show response
cdn.ttgtmedia.com/cmp/sourcepoint/ 3 KB
2 KB 226ms
91ms Script
text/javascript 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/ccpa-config.min.js?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8fb531da663fb8967dbc126518537b258a94cb75c761c0e1e354f826fd1f1bb7

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 19:05:33 GMT
server: PWS/8.3.1.0.8
age: 411412
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30863
content-type: text/javascript
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON2mb11:0 (W), 1.1 PSygldLON2kt55:6 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 1483
expires: Thu, 25 Mar 2021 20:03:30 GMT

GET
H2 200 ttCmpApi.min.js Show response
cdn.ttgtmedia.com/cmp/ 10 KB
4 KB 242ms
107ms Script
text/javascript 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/ttCmpApi.min.js?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1fbed173066a5fdeb51a30ae6f2bb9c65f0a18bb139ac743a29f0909bfcc856d

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 19:05:33 GMT
server: PWS/8.3.1.0.8
age: 411412
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30862
content-type: text/javascript
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON2xi13:8 (W), 1.1 PSygldLON2uk54:3 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2uk54LHR
accept-ranges: bytes
content-length: 3519
expires: Thu, 25 Mar 2021 20:03:30 GMT

GET
H2 200 responsive.min.js Show response
cdn.ttgtmedia.com/rms/ux/responsive/js/ 156 KB
57 KB 243ms
108ms Script
text/javascript 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 74840c6a90233c5dc5fa9794c943539ff476fb3246073ab31422110cda1ea072

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 21:17:01 GMT
server: PWS/8.3.1.0.8
age: 411412
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30864
content-type: text/javascript
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON2xi13:0 (W), 1.1 PSygldLON2hl59:8 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
expires: Thu, 25 Mar 2021 20:03:30 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
684 B 19ms
17ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b07b04bb71a26f9ef037e3a1d6ea5b42bce2934d0a016a93a1e6d0fdda8a58c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 14:20:22 GMT

GET
H2 200 computerweekly.css
cdn.ttgtmedia.com/rms/ux/responsive/css/ 83 KB
18 KB 223ms
89ms Stylesheet
text/css 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/computerweekly.css
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1a9fbf4ae1b5c9df25fed08657ac7ddd4ee1c290f2f1c315eb8674319e9b8486

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 21:18:36 GMT
server: PWS/8.3.1.0.8
age: 579644
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30860
content-type: text/css
via: 1.1 PSmgnyNY2no188:9 (W), 1.1 PSygldLON2ii12:7 (W), 1.1 PSygldLON2hl59:0 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
expires: Tue, 23 Mar 2021 21:19:38 GMT

GET
H2 200 ransomware-attack-computer-adobe.jpg
cdn.ttgtmedia.com/visuals/German/article/ 126 KB
127 KB 68ms
63ms Image
image/jpeg 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/visuals/German/article/ransomware-attack-computer-adobe.jpg
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 945993d20298c945717fc53264921fa5bbd6951d9ddc8e90eb5ecc287d1293d8

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 VMmgasbIAD1pn58:0 (W), 1.1 PSygldLON4zd14:0 (W), 1.1 PSygldLON2uk54:11 (W)
last-modified: Thu, 07 Mar 2019 13:27:25 GMT
server: PWS/8.3.1.0.8
age: 375814
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30910
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSygldLON2uk54LHR
accept-ranges: bytes
content-length: 129094
expires: Fri, 26 Mar 2021 05:56:48 GMT

GET
H2 200 cw_logo_mobile.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 1000 B
1 KB 67ms
63ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cw_logo_mobile.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: fb5e28fdd0de7a44d791caced2ba3ee08ff0935a1eb0cb0cd2e26cbfe9eaa385

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04af1235:6 (W), 1.1 PSygldLON2ii12:8 (W), 1.1 PSygldLON2hl59:14 (W)
last-modified: Tue, 09 Mar 2021 21:17:17 GMT
server: PWS/8.3.1.0.8
age: 579647
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30911
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 1000
expires: Tue, 23 Mar 2021 21:19:35 GMT

GET
H2 200 cw_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 1 KB
2 KB 66ms
62ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cw_logo.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 214cd4ca43939f1ab3ccab342b3cd8877055f222954fc23429ec2fde4933f943

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON2xi13:8 (W), 1.1 PSygldLON2kt55:15 (W)
last-modified: Tue, 09 Mar 2021 21:17:03 GMT
server: PWS/8.3.1.0.8
age: 286575
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30912
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 1375
expires: Sat, 27 Mar 2021 06:44:07 GMT

GET
H2 200 cw_tt_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 585 B
914 B 66ms
62ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cw_tt_logo.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1b52a72fe4549d43712c264a844cc41bb9fe249a464a0cf6a94c4db6b547cb06

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04Q9j236:6 (W), 1.1 PSygldLON2mb11:5 (W), 1.1 PSygldLON2ni58:11 (W)
last-modified: Tue, 09 Mar 2021 21:17:04 GMT
server: PWS/8.3.1.0.8
age: 578757
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30913
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2ni58LHR
accept-ranges: bytes
content-length: 585
expires: Tue, 23 Mar 2021 21:34:25 GMT

GET
H2 200 flbuttons.min.js Show response
cdn.flipboard.com/web/buttons/js/ 7 KB
8 KB 35ms
6ms Script
text/html 2600:9000:211e:d800:e:5a70:ca47:86e1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d800:e:5a70:ca47:86e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 04:49:24 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
last-modified: Wed, 23 Dec 2020 17:43:48 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
age: 78293
etag: W/"e9b04ad509ffb00302d9625f75774548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 7407
x-amz-cf-id: 8Ep72Le1c5YfJQ_WIq9XdMD363DSJKWXIAG2BWkn386p3XcpSMRjew==

GET
H2 200 Alex-Scroxton-2018.jpg
cdn.ttgtmedia.com/rms/computerweekly/ 5 KB
6 KB 69ms
64ms Image
image/jpeg 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/computerweekly/Alex-Scroxton-2018.jpg
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 42450abba6b5284596322dad13e649ce593895f0a5e6e33906c6918134f39563

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 VM-IAD-015al236:0 (W), 1.1 PSygldLON4yt37:8 (W), 1.1 PSygldLON2kt55:6 (W)
last-modified: Thu, 16 Apr 2020 21:55:02 GMT
server: PWS/8.3.1.0.8
age: 399324
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30915
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 5423
expires: Thu, 25 Mar 2021 23:24:58 GMT

GET
H2 200 reg_wrapper_curl.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 2 KB
2 KB 69ms
64ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/reg_wrapper_curl.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: f2447a6647c20cded4a81d2267acc3bdc71864f0da8a9999527fce36eeb5fc8c

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PSmgnyNY2no188:1 (W), 1.1 PSygldLON4zd14:8 (W), 1.1 PSygldLON2hl59:10 (W)
last-modified: Tue, 09 Mar 2021 21:17:12 GMT
server: PWS/8.3.1.0.8
age: 578756
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30916
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 2210
expires: Tue, 23 Mar 2021 21:34:26 GMT

GET
H2 200 DLO_PreventingDataBreach395x304_200X133.png
cdn.ttgtmedia.com/rms/computerweekly/ 10 KB
11 KB 79ms
70ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/computerweekly/DLO_PreventingDataBreach395x304_200X133.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: c05cfa33bd1c16cad0b9dbb60bbe03ebdb45f4c6c7bdb420f14020a7d88ebd5c

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 VMmgnyNY3vz67:4 (W), 1.1 PSygldLON4ax12:1 (W), 1.1 PSygldLON2hl59:8 (W)
last-modified: Thu, 12 Nov 2020 10:36:36 GMT
server: PWS/8.3.1.0.8
age: 366323
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30918
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 10639
expires: Fri, 26 Mar 2021 08:34:59 GMT

GET
H2 200 reg_cover_curl.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 783 B
1 KB 79ms
71ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/reg_cover_curl.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: b3acce24017949185a1f304970dd14fc0ba4b48e9a179bf01b8bf030f4d98722

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04af1235:0 (W), 1.1 PSygldLON2xi13:3 (W), 1.1 PSygldLON2uk54:15 (W)
last-modified: Tue, 09 Mar 2021 21:17:10 GMT
server: PWS/8.3.1.0.8
age: 579671
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30919
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2uk54LHR
accept-ranges: bytes
content-length: 783
expires: Tue, 23 Mar 2021 21:19:11 GMT

GET
H2 200 culafi_alexander.jpg
cdn.ttgtmedia.com/rms/onlineImages/ 6 KB
6 KB 78ms
71ms Image
image/jpeg 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/onlineImages/culafi_alexander.jpg
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: ce38636bf68d0ff8f23cbdbb766880adde631cd0904e41433799b41a3c14199e

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 VMmgnyNY2gh45:0 (W), 1.1 PSygldLON2ii12:6 (W), 1.1 PSygldLON2hl59:6 (W)
last-modified: Wed, 13 Nov 2019 16:32:48 GMT
server: PWS/8.3.1.0.8
age: 151105
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30920
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 5691
expires: Sun, 28 Mar 2021 20:21:57 GMT

GET
H2 200 CWE-230321-cover-252px.jpg
cdn.ttgtmedia.com/rms/computerweekly/ 11 KB
11 KB 79ms
72ms Image
image/jpeg 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/computerweekly/CWE-230321-cover-252px.jpg
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 251c5049f3470e5f4ead6a8879063bdd19af9cade52fddbbc8c81e885e9ca950

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PSmgnyNY2no188:10 (W), 1.1 PSygldLON4ev13:10 (W), 1.1 PSygldLON2ni58:11 (W)
last-modified: Fri, 19 Mar 2021 18:01:08 GMT
server: PWS/8.3.1.0.8
age: 8217
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30921
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSygldLON2ni58LHR
accept-ranges: bytes
content-length: 11365
expires: Tue, 30 Mar 2021 12:03:25 GMT

GET
H2 200 responsive-ui.min.js Show response
cdn.ttgtmedia.com/rms/ux/responsive/js/ 201 KB
73 KB 66ms
64ms Script
text/javascript 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive-ui.min.js?v=7.99.1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 898fd503201ef7a34909191f7f8328387d15fab7937526d899e6ef9919403db9

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 21:16:58 GMT
server: PWS/8.3.1.0.8
age: 411412
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30909
content-type: text/javascript
via: 1.1 PS-JFK-04af1235:9 (W), 1.1 PSygldLON2mb11:8 (W), 1.1 PSygldLON2hl59:4 (W)
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
expires: Thu, 25 Mar 2021 20:03:30 GMT

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
gdpr-tcfv2.sp-prod.net/ 151 KB
44 KB 306ms
44ms Script
application/javascript 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/gdprTCFv2-config.min.js?v=7.99.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:07:41 GMT
server: AmazonS3
age: 754
etag: W/"8073094d2add7dd857b75129d94e1d56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Tue, 23 Mar 2021 14:07:49 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 8nUQbtHq_6vV_xDAFdzfypX99wtGL0NfDfEvTyTdUn__y7K99pdLYg==

GET
H2 200 ccpa.js Show response
ccpa.sp-prod.net/ 54 KB
18 KB 299ms
37ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa.sp-prod.net/ccpa.js
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/ccpa-config.min.js?v=7.99.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f5125217d1ef16b021cc5c94724846ae2e0a9e899190172fb36160c03dbaf5a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:06:31 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 20:05:44 GMT
server: AmazonS3
age: 832
etag: W/"ecfaefdd1ff6f239a11f80def7f25291"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: RpwvMUjR-aW9TtzwqxRTWKZZAp0MqG_jWDywjPMDB3NJrEwfFXQRbA==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.computerweekly.com
Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5719
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 12:45:03 GMT

GET
H/1.1 200 GetCookiesWithCallback Show response
users.techtarget.com/registration/json/common/ 61 B
682 B 620ms
127ms Script
application/json 206.19.49.191
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://users.techtarget.com/registration/json/common/GetCookiesWithCallback?callback=jQuery110203792220635850585_1616509222169&fetchCookie=crs,tt_ut,co&_=1616509222170
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 206.19.49.191 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash: 3bd80347564ae9a2905825e6b85749c5ae1eff99fe412fa4392fc3c2596dbbd7

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:22 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 61
Content-Type: application/json;charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
48 KB 28ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cf2eaed2dda34e5225e68b12ac4eab7c29af4c0d8428cc7c6cf84538c7b2002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49347
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Mar 2021 14:20:22 GMT

GET
H2 200 border_diagonal.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 108 B
437 B 72ms
71ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/border_diagonal.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 68f4a6009b77ef6b5cc867f57d0095ff7db697d95821fc747e5dae6cecdf79b9

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04af1235:4 (W), 1.1 PSygldLON4ev13:3 (W), 1.1 PSygldLON2kt55:14 (W)
last-modified: Tue, 09 Mar 2021 21:17:10 GMT
server: PWS/8.3.1.0.8
age: 579673
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30922
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 108
expires: Tue, 23 Mar 2021 21:19:09 GMT

GET
H2 200 nav_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 850 B
1 KB 71ms
70ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/nav_logo.png
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 089aca69c964aa0d24bd619f1182ff5a5f2dc40f5a5e19d738b1f00c8bee4177

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PSmgnyNY2no188:9 (W), 1.1 PSygldLON4zd14:5 (W), 1.1 PSygldLON2kt55:1 (W)
last-modified: Tue, 09 Mar 2021 21:06:10 GMT
server: PWS/8.3.1.0.8
age: 579676
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30923
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 850
expires: Tue, 23 Mar 2021 21:19:06 GMT

GET
H2 200 iconRSS.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 167 B
496 B 77ms
76ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/iconRSS.png
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/computerweekly.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 34a3969231c5fc2ad974008685042d51164920ac724b8d3913d44a21e4286e19

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/computerweekly.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PS-JFK-04af1235:5 (W), 1.1 PSygldLON2xi13:3 (W), 1.1 PSygldLON2hl59:14 (W)
last-modified: Tue, 09 Mar 2021 21:17:14 GMT
server: PWS/8.3.1.0.8
age: 579669
x-ws-request-id: 6059f926_PSygldLON2kt55_7539-30926
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2hl59LHR
accept-ranges: bytes
content-length: 167
expires: Tue, 23 Mar 2021 21:19:13 GMT

GET
H2 200 clear.gif
cdn.flipboard.com/dev_O/ 43 B
473 B 8ms
5ms Image
image/gif 2600:9000:211e:d800:e:5a70:ca47:86e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flipboard.com/dev_O/clear.gif?utm_source=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d800:e:5a70:ca47:86e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 04:28:44 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
last-modified: Wed, 23 Dec 2020 17:41:53 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1608745226/ctime:1608745224/gid:20/gname:staff/md5:ad4b0f606e0f8465bc4c4c170b37e1a3/mode:33188/mtime:1608745180/uid:501/uname:greg
age: 35499
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Cb6wgTSCSXaiYDpy_L_lJTLBNpTq8gf0ReOfMYhcK77uAqtmVqIkGg==

GET
H2 200 TechTarget-Icon.woff
cdn.ttgtmedia.com/rms/ux/responsive/fonts/ 34 KB
35 KB 159ms
54ms Font
application/x-woff 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/fonts/TechTarget-Icon.woff
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.99.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: c0b18af7ffbea00e11e274d86c2c66b5c1b9e03590056625c43b4061f518f91b

Request headers

Origin: https://www.computerweekly.com
Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.99.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:22 GMT
via: 1.1 PSmgnyNY2no188:6 (W), 1.1 PSygldLON4ax12:1 (W), 1.1 PSygldLON2ni58:12 (W)
last-modified: Tue, 09 Mar 2021 21:16:46 GMT
server: PWS/8.3.1.0.8
age: 578758
x-ws-request-id: 6059f926_PSygldLON2hl59_9178-35659
content-type: application/x-woff
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSygldLON2ni58LHR
accept-ranges: bytes
content-length: 35156
expires: Tue, 23 Mar 2021 21:34:24 GMT

GET
H2 200 get_site_data Show response
consent.computerweekly.com/mms/ 19 B
257 B 101ms
28ms XHR
text/plain 18.158.31.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.computerweekly.com/mms/get_site_data?requestUUID=6853a0b0-7712-4705-855e-3e972faf8005&account_id=370&href=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.31.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-31-168.eu-central-1.compute.amazonaws.com
Software: Jetty(9.4.2.v20170220) /
Resource Hash: 286515bdd1da1e0b8c5dcbc703a409f855d8e9e45b129b0e4bab9a8140434ed2

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:23 GMT
x-sp-mms-node: mms-awb.node.fra.consul
server: Jetty(9.4.2.v20170220)
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: max-age=2592000
access-control-allow-credentials: true

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 102ms
42ms Preflight
text/html 13.226.159.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=4a4e7903-02af-47a1-afc9-5315b28adeed&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A370%2C%22requestUUID%22%3A%224a4e7903-02af-47a1-afc9-5315b28adeed%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.computerweekly.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22gdpr%5C%22%2C%5C%22CPC%5C%22%3A%5C%221%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 13.226.159.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-70.dus51.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.computerweekly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Tue, 23 Mar 2021 14:20:23 GMT
x-powered-by: Express
access-control-allow-origin: https://www.computerweekly.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 40ab-I7gDaT8MCyj2a7tfgcRH2AYdSqL-RoHqCHp6Vre9NFcrzrkcw==

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 5 KB
2 KB 99ms
97ms XHR
application/json 13.226.159.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=4a4e7903-02af-47a1-afc9-5315b28adeed&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A370%2C%22requestUUID%22%3A%224a4e7903-02af-47a1-afc9-5315b28adeed%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.computerweekly.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22gdpr%5C%22%2C%5C%22CPC%5C%22%3A%5C%221%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-70.dus51.r.cloudfront.net
Software: / Express
Resource Hash: e571f6b08e75da1916180b9003e1dbeebaeb6bd7f757035e829cd0657a70496d

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 14:20:23 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: kEt1Fwj27vgUOR95NHS9i3dZwV7iZc3a2R1HNkOkNtFP5rpLYuHH-A==
via: 1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)

GET
H2 200 cw_footer_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 2 KB
2 KB 52ms
51ms Image
image/png 163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cw_footer_logo.png
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/computerweekly.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 474d7a7f07e193a147e6c362b2c37863aa8cefe3ad959f77f6a3272e75b1d01f

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/computerweekly.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:23 GMT
via: 1.1 PS-JFK-04Q9j236:6 (W), 1.1 PSygldLON2mb11:9 (W), 1.1 PSygldLON2kt55:5 (W)
last-modified: Tue, 09 Mar 2021 21:17:11 GMT
server: PWS/8.3.1.0.8
age: 578757
x-ws-request-id: 6059f927_PSygldLON2kt55_7539-31008
content-type: image/png
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 1759
expires: Tue, 23 Mar 2021 21:34:26 GMT

GET
H2

200

spacer.gif
cdn.ttgtmedia.com/images/
Redirect Chain

https://go.techtarget.com/clicktrack-r/activity/activity.gif?activityTypeId=16&t=2240036641&t2=2240163303&t3=2240036660&t4=2240036667&t5=2240163309&t6=2240036639&t7=2240163304&t8=2240163310&t9=2240...
https://cdn.ttgtmedia.com/images/spacer.gif

43 B
370 B

56ms
52ms

Image
image/gif

163.171.129.149
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/images/spacer.gif
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.129.149 , United Kingdom, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:24 GMT
via: 1.1 VM-IAD-015al236:3 (W), 1.1 PSygldLON4ev13:2 (W), 1.1 PSygldLON2kt55:10 (W)
last-modified: Fri, 20 Jan 2012 13:30:40 GMT
server: PWS/8.3.1.0.8
age: 362364
x-ws-request-id: 6059f928_PSygldLON2kt55_7539-31189
content-type: image/gif
cache-control: max-age=604800
x-px: ht PSygldLON2kt55LHR
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Mar 2021 09:41:00 GMT

Redirect headers

Location: https://cdn.ttgtmedia.com/images/spacer.gif
Date: Tue, 23 Mar 2021 14:20:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 81
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 message_url Show response
consent.computerweekly.com/mms/v2/ 0
293 B 121ms
26ms XHR
application/json 18.158.31.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.computerweekly.com/mms/v2/message_url?requestUUID=6853a0b0-7712-4705-855e-3e972faf8005&account_id=370&abp=false&href=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A1013%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D&t[ccpa_cta]=-1&t[type]=ccpa
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.31.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-31-168.eu-central-1.compute.amazonaws.com
Software: Jetty(9.4.2.v20170220) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:23 GMT
x-sp-mms-node: mms-an3.node.fra.consul
server: Jetty(9.4.2.v20170220)
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-sp-mms-env: 1
content-length: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9AD1 19 KB
10 KB 64ms
47ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb5fda26787e80330f7329cd8ddf24eed2fb2d89757c347743cd0ad73d3a1877

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kXCGyMS+Iv2thfZ4L1jTbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 14:20:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-kXCGyMS+Iv2thfZ4L1jTbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10052
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 21 B
670 B 522ms
122ms Script
text/javascript 34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSegList&cl=68&_=1616509222171
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: 35ef9ac2d40057982eda09d60724c474cd8c211a24e682d310b68cc47edd9f7d

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 47
Expires: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 80ms
11ms Script
application/x-javascript 2600:9000:2182:e400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:e400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 20:21:43 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 02:13:48 GMT
server: nginx
age: 64720
etag: W/"604ace5c-8e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: t7qAbW0aLaumI5FYxyAyPE2HRaH4r5KSyuBRAhJj7TfHnshLqnpQww==
expires: Tue, 23 Mar 2021 20:21:43 GMT

GET
H2 200 hotjar-22351.js Show response
static.hotjar.com/c/ 16 KB
3 KB 99ms
30ms Script
application/javascript 13.226.159.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-22351.js?sv=6

Requested by

Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-67.dus51.r.cloudfront.net

Software

Resource Hash

8c4202ca2b0e7ca9d93e89d4da57a47f80316b719566579ae277eff7076f0809

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 51
etag: W/20e8a0ab2f72f2f39c0394c643626cc3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Q6SpImAJ9VxNonTzg7srtq_TyrifhNjwRbh3IUgQx-JrT_SdCGr1cA==
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)

GET
H/1.1 200
OK dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js Show response
s.dpmsrv.com/ 272 KB
51 KB 145ms
35ms Script
application/x-javascript 13.226.159.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-75.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78a26eba5abb0a6132d9cbc8812cb4f85ad048d95cc22435b9935ce6983dd212

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 16:40:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Mar 2021 16:40:14 GMT
Server: AmazonS3
Age: 77989
ETag: "9b93e62f3355fa2d09257f1283b212fc"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 51453
X-Amz-Cf-Id: jptXFF8R_g1VyvmImcsrXWEJOr6QfdktBv1NTP4jtzNNX-qq89F9ag==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 14:20:23 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
65 KB 50ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBYR9CGB9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

126c33ec7630a0ccef1fdc53fef83eaf5d5f1caefeaf8d8a3e9820c8e213c5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66090
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:23 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 24 B
263 B 546ms
158ms XHR
application/json 54.225.165.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.165.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-85.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b6bd0e2ebcb4e0a35e3b4c07f647976dc8a37088de6887bb1ac47fb46452f4e4

Request headers

Accept: */*
Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:23 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.computerweekly.com
Connection: keep-alive
Content-Length: 24

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3119
date: Tue, 23 Mar 2021 13:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 15:28:25 GMT

OPTIONS
H2 200 display-dns
ccpa-service.sp-prod.net/ccpa/consent/1013/ Frame 0
0 385ms
135ms Preflight
text/html 54.88.207.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa-service.sp-prod.net/ccpa/consent/1013/display-dns?requestUUID=6853a0b0-7712-4705-855e-3e972faf8005
Protocol: H2
Server: 54.88.207.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-207-148.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.computerweekly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Mar 2021 14:20:24 GMT
content-type: text/html; charset=utf-8
content-length: 4
access-control-allow-origin: https://www.computerweekly.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache
allow: POST

POST
H2 200 display-dns Show response
ccpa-service.sp-prod.net/ccpa/consent/1013/ 569 B
852 B 382ms
135ms XHR
application/json 54.88.207.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa-service.sp-prod.net/ccpa/consent/1013/display-dns?requestUUID=6853a0b0-7712-4705-855e-3e972faf8005
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.207.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-207-148.compute-1.amazonaws.com
Software: /
Resource Hash: d13cca4c7ccd4611fcbd5d78128421864167e2505534cac1b3267ce0630fb8ab

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 14:20:24 GMT
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 569

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 366ms
119ms Image
image/gif 34.192.124.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=techtargetnetwork.com&p=%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&u=UQ-fFBuMEwcCq5AIY&d=computerweekly.com&g=41935&g0=CW%2C%20CW%20-%20IT%20security&g1=Alex%20Scroxton%2C%20NEWS%2C%20CW%20-%20NEWS&n=1&f=00001&c=0&x=0&m=0&y=5157&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3185&t=OQf26CDvGkXfJuN5Cfb7dfBZzIe&V=124&i=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&tz=-60&sn=1&sv=BWpjaKCqI56PCdP_xlDXyk9fzrWeK&sd=1&im=061b2ff3&_
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.124.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-124-255.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
79 B 13ms
13ms Other
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RRBYR9CGB9&gtm=2oe3h0&_p=840024322&sr=1600x1200&gcs=G11-&ul=en-us&cid=1376360622.1616509224&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sid=1616509223&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.TopicTree=IT%20security%2C2240036589%3EHackers%20and%20cybercrime%20prevention%2C2240036641&ep.ContentType=EOC%20content%2FNews&ep.ContentID=252497918&ep.PublicationYear=2021&epn.AppCode=127&epn.MemberStatus=0&ep.SiteName_ID=ComputerWeekly&ep.Collection=None%2CNone&ep.HasVideo=false&ep.PublicationDate=03%2F2021&ep.MarketTax=(27)(6)(0)%204580%2C223%2C4582%2C27%2C15%2C4518%2C224%2C4528%2C4525%2C4522%2C4282%2C4287%2C4288%2C354%2C226%2C339%2C4559%2C4552%2C228%2C357%2C47%2C50%2C254%2C332%2C229%2C4301%2C36%2C4555%2C4579%2C30%2C4586%2C4339%2C4311&epn.WordCountRange=567&epn.ContentAge=7&epn.InlineLinkCounter=10&ep.EntranceType=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBYR9CGB9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.80e35cdf321570eb5b34.js Show response
script.hotjar.com/ 217 KB
58 KB 111ms
36ms Script
application/javascript 13.226.159.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.80e35cdf321570eb5b34.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-22351.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-24.dus51.r.cloudfront.net

Software

Resource Hash

9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446177
x-cache: Hit from cloudfront
content-length: 58627
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 10:23:26 GMT
etag: "4a7c1a7cb16c5ef7e63405bd6f9a943a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: W6PQo17MIJ9oXLE9jGtDtSSYoMJZ8Ths4yEF68a4amQFk-vD7EWN_A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45b3bf56f7e146372d88e6f43c9e3ea619f9d5175c12339730bfc0eabe23f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 241 of 1000 / last-modified: 1616498114"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19733
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ 226 KB
85 KB 49ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6050985421795229&plah=www.computerweekly.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 14:20:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/ Frame F940 10 KB
5 KB 13ms
10ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210318/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 15:27:13 GMT
expires: Mon, 05 Apr 2021 15:27:13 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 82391
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 42ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=flddiff&left=.google.de&right=.google.de&eq=true&fld=8&bvr=r20210318

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&sw%3D252497918https%253A%252F%252Fwww.computerweekly.com%252Fnews%252F252497918%252FUnusual-DearCry-ransomware-uses-rare-ap...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26sw%253D252497918https%25253A%25252F%25252Fwww.computerweekly.com%25252Fnews%25252F252497918%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=1113658277350730709&sw=252497918https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&q=xImp...

245 B
997 B

126ms
124ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1113658277350730709&sw=252497918https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&q=xImp&v=1.x&cl=68&pixelIndex=0&r=815621&tzOffset=-60&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&_=1616509224650
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: fd4afd174f3f587276ebcee91ab7e20924b0e91aecdb1f49d7c14a98f2208019

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:25 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid: 75d287fa-b151-4392-887d-b2d1584b9135
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1113658277350730709&sw=252497918https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&q=xImp&v=1.x&cl=68&pixelIndex=0&r=815621&tzOffset=-60&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&_=1616509224650
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2957
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:31:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19047342-14&cid=1376360622.1616509224&jid=1348798512&uid=0&gjid=1589336925&_gid=710053614.1616509225&_u=YCDAgEAjAAAAAE~&z=53246748

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 14:20:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 22ms
18ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=840024322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAj~&jid=1348798512&gjid=1589336925&cid=1376360622.1616509224&uid=0&tid=UA-19047342-14&_gid=710053614.1616509225&gtm=2wg3h0PWWZSH&gcs=G11-&cg1=NEWS%20content&cg2=IT%20security-2240036589&cg3=20210316&cg4=Hackers%20and%20Cybercrime%20Prevention-1541293&cg5=%2Fpage%2Fetpk_IT%20security-2240036589%2Fptpk_Hackers%20and%20cybercrime%20prevention-2240036641%2Ftrue%2FNEWS%2Fcontent%2Fcid_252497918%2Fdate_20210316%2Fmem_127%2Fclst_Security-2240110803%2Frtpk_Hackers%20and%20Cybercrime%20Prevention-1541293%2Fidx_0%2Furl_https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&cd1=IT%20security-2240036589&cd2=Hackers%20and%20cybercrime%20prevention-2240036641&cd3=NEWS%20content%2FNews&cd4=252497918&cd5=20210316&cd6=127&cd7=Security&cd8=Hackers%20and%20Cybercrime%20Prevention-1541293&cd9=NOT_MEMBER&cd10=185.156.175.0&cd11=false&cd12=0&cd13=&z=884864732

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 20:21:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64731
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 9AD1 50 KB
25 KB 17ms
13ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 2949
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:31:15 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 9AD1 331 KB
130 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5721
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 12:45:03 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 91B2 2 KB
1 KB 167ms
54ms Document
text/html 13.226.159.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-22351.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-56.dus51.r.cloudfront.net
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

content-type: text/html
content-length: 851
date: Sun, 14 Feb 2021 22:59:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 12 Feb 2021 15:00:08 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: I-8OYKxYwixq3XJwzTxFbPV2gWgNMgNnkjUsGGxOqdHgckDLi1MS7A==
age: 3165627

GET
H2 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
101 KB 118ms
34ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
411 B 62ms
60ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.computerweekly.com&callback=_gfp_s_&client=ca-pub-6050985421795229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6050985421795229&plah=www.computerweekly.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aae9276b9b714beeb56a74b322f00e1812fc3525b82211b6641b6eb2d971da6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.computerweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.computerweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D67D 64 KB
22 KB 1044ms
1023ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&h=280&slotname=8728364240&adk=2592093652&adf=675987550&pi=t.ma~as.8728364240&w=1200&fwrn=4&fwrnh=100&lmt=1616509225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616509224563&bpp=48&bdt=2740&idt=833&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5446219641815&frm=20&pv=2&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aIUqanDLvU&p=https%3A//www.computerweekly.com&dtd=927

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffd2b8d763da217d1a1e46d625386c16d1e64fd4efa57d5ecc9d3ae6e6dfc837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&h=280&slotname=8728364240&adk=2592093652&adf=675987550&pi=t.ma~as.8728364240&w=1200&fwrn=4&fwrnh=100&lmt=1616509225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616509224563&bpp=48&bdt=2740&idt=833&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5446219641815&frm=20&pv=2&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aIUqanDLvU&p=https%3A//www.computerweekly.com&dtd=927
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 14:20:26 GMT
server: cafe
content-length: 21947
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 14:35:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 14:20:26 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 86ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429055681843"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=840024322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAAAAG~&jid=986924188&gjid=1427552352&cid=1376360622.1616509224&uid=0&tid=UA-19047342-11&_gid=710053614.1616509225&_r=1&gtm=2wg3h0PWWZSH&gcs=G11-&z=1706337952

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
426 B 123ms
44ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19047342-25&cid=1376360622.1616509224&jid=574044188&uid=0&gjid=2082665211&_gid=710053614.1616509225&_u=aCDAgEAjAAAAAG~&z=749799909

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 14:20:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
25 B 95ms
44ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19047342-17&cid=1376360622.1616509224&jid=190479478&uid=0&gjid=720093562&_gid=710053614.1616509225&_u=aCDAgEAjAAAAAG~&z=897767720

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 14:20:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 21ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=840024322&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DLO%20Activity&ea=252491879_Preventing%20identity%20theft%20in%20a%20data%20breach&el=DLO%20Call%20to%20Action&ev=0&_u=aCDACEAjBAAAAG~&jid=560269999&gjid=1947301420&cid=1376360622.1616509224&uid=0&tid=UA-19047342-13&_gid=710053614.1616509225&_r=1&gtm=2wg3h0PWWZSH&gcs=G11-&cd1=IT%20security-2240036589&cd2=Hackers%20and%20cybercrime%20prevention-2240036641&cd3=NEWS%20content&cd4=252497918&cd5=20210316&cd6=127&cd7=Security&cd8=Hackers%20and%20Cybercrime%20Prevention-1541293&cd9=NOT_MEMBER&cd10=185.156.175.0&cd11=false&cd12=0&cd13=&cd14=Topic&z=599275441

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 42ms
40ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=840024322&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DLO%20Activity&ea=252491879_Preventing%20identity%20theft%20in%20a%20data%20breach&el=DLO%20Call%20to%20Action&ev=0&_u=aCDACEAjBAAAAG~&jid=1733461826&gjid=2000088083&cid=1376360622.1616509224&uid=0&tid=UA-19047342-14&_gid=710053614.1616509225&_r=1&gtm=2wg3h0PWWZSH&gcs=G11-&cd1=IT%20security-2240036589&cd2=Hackers%20and%20cybercrime%20prevention-2240036641&cd3=NEWS%20content&cd4=252497918&cd5=20210316&cd6=127&cd7=Security&cd8=Hackers%20and%20Cybercrime%20Prevention-1541293&cd9=NOT_MEMBER&cd10=185.156.175.0&cd11=false&cd12=0&cd13=&cd14=Topic&z=1126809449

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 41ms
40ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=840024322&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DLO%20Activity&ea=252491879_Preventing%20identity%20theft%20in%20a%20data%20breach&el=DLO%20Call%20to%20Action&ev=0&_u=aCDACEAjBAAAAG~&jid=1825210250&gjid=1832419178&cid=1376360622.1616509224&uid=0&tid=UA-19047342-25&_gid=710053614.1616509225&_r=1&gtm=2wg3h0PWWZSH&gcs=G11-&cd1=IT%20security-2240036589&cd2=Hackers%20and%20cybercrime%20prevention-2240036641&cd3=NEWS%20content&cd4=252497918&cd5=20210316&cd6=127&cd7=Security&cd8=Hackers%20and%20Cybercrime%20Prevention-1541293&cd9=NOT_MEMBER&cd10=185.156.175.0&cd11=false&cd12=0&cd13=&cd14=Topic&z=489825854

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=840024322&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DLO%20Activity&ea=252491879_Preventing%20identity%20theft%20in%20a%20data%20breach&el=DLO%20Call%20to%20Action&ev=0&_u=aCDACEAjBAAAAG~&jid=161269550&gjid=982019388&cid=1376360622.1616509224&uid=0&tid=UA-19047342-17&_gid=710053614.1616509225&_r=1&gtm=2wg3h0PWWZSH&gcs=G11-&cd1=IT%20security%2C2240036589%3EHackers%20and%20cybercrime%20prevention%2C2240036641&cd2=EOC%20content%2FNews&cd3=252497918&cd4=2021&cd5=127&cd6=0&cd7=ComputerWeekly&cd8=None%2CNone&cd9=false&cd10=03%2F2021&cd11=(27)(6)(0)%204580%2C223%2C4582%2C27%2C15%2C4518%2C224%2C4528%2C4525%2C4522%2C4282%2C4287%2C4288%2C354%2C226%2C339%2C4559%2C4552%2C228%2C357%2C47%2C50%2C254%2C332%2C229%2C4301%2C36%2C4555%2C4579%2C30%2C4586%2C4339%2C4311&cd12=567&cd13=7&cd15=0&cd14=10&z=1164033569

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 23ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=840024322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAG~&jid=574044188&gjid=2082665211&cid=1376360622.1616509224&uid=0&tid=UA-19047342-25&_gid=710053614.1616509225&gtm=2wg3h0PWWZSH&gcs=G11-&cg1=NEWS%20content&cg2=IT%20security-2240036589&cg3=20210316&cg4=Hackers%20and%20Cybercrime%20Prevention-1541293&cg5=%2Fpage%2Fetpk_IT%20security-2240036589%2Fptpk_Hackers%20and%20cybercrime%20prevention-2240036641%2Ftrue%2FNEWS%2Fcontent%2Fcid_252497918%2Fdate_20210316%2Fmem_127%2Fclst_Security-2240110803%2Frtpk_Hackers%20and%20Cybercrime%20Prevention-1541293%2Fidx_0%2Furl_https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&cd1=IT%20security-2240036589&cd2=Hackers%20and%20cybercrime%20prevention-2240036641&cd3=NEWS%20content%2FNews&cd4=252497918&cd5=20210316&cd6=127&cd7=Security&cd8=Hackers%20and%20Cybercrime%20Prevention-1541293&cd9=NOT_MEMBER&cd10=185.156.175.0&cd11=false&cd12=0&cd13=&cd15=NONAMP&z=697372339

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 23:19:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54033
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 24ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=840024322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ul=en-us&de=UTF-8&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAG~&jid=190479478&gjid=720093562&cid=1376360622.1616509224&uid=0&tid=UA-19047342-17&_gid=710053614.1616509225&gtm=2wg3h0PWWZSH&gcs=G11-&cg1=NEWS%20content&cg2=IT%20security-2240036589&cg3=20210316&cg4=Hackers%20and%20Cybercrime%20Prevention-1541293&cg5=%2Fpage%2Fetpk_IT%20security-2240036589%2Fptpk_Hackers%20and%20cybercrime%20prevention-2240036641%2Ftrue%2FNEWS%2Fcontent%2Fcid_252497918%2Fdate_20210316%2Fmem_127%2Fclst_Security-2240110803%2Frtpk_Hackers%20and%20Cybercrime%20Prevention-1541293%2Fidx_0%2Furl_https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&cd1=IT%20security%2C2240036589%3EHackers%20and%20cybercrime%20prevention%2C2240036641&cd2=EOC%20content%2FNews&cd3=252497918&cd4=2021&cd5=127&cd6=0&cd7=ComputerWeekly&cd8=None%2CNone&cd9=false&cd10=03%2F2021&cd11=(27)(6)(0)%204580%2C223%2C4582%2C27%2C15%2C4518%2C224%2C4528%2C4525%2C4522%2C4282%2C4287%2C4288%2C354%2C226%2C339%2C4559%2C4552%2C228%2C357%2C47%2C50%2C254%2C332%2C229%2C4301%2C36%2C4555%2C4579%2C30%2C4586%2C4339%2C4311&cd12=567&cd13=7&cd15=0&cd14=10&z=897916045

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 10:33:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js Show response
www.google.com/js/bg/ Frame 9AD1 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

040add1e810927db71db6258a80d44f34fda2a9bf0fae4970c4cd3d3cc9a1aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 796
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:07:10 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9AD1 2 KB
3 KB 44ms
26ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 498475
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 24 Mar 2021 19:52:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AD1 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 412741
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AD1 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 499213
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:40:13 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
433 B 87ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&tn=DIV&cls=grecaptcha-badge&ign=false

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 087B 0
549 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&adk=3355495575&adf=2226393769&lmt=1616509226&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ea=0&flash=0&pra=7&wgl=1&dt=1616509224612&bpp=4&bdt=2789&idt=1707&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5446219641815&frm=20&pv=1&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1731

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&adk=3355495575&adf=2226393769&lmt=1616509226&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&ea=0&flash=0&pra=7&wgl=1&dt=1616509224612&bpp=4&bdt=2789&idt=1707&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5446219641815&frm=20&pv=1&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1731
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 14:20:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 14:35:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 14:20:26 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
48 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19047342-14&cid=1376360622.1616509224&jid=1733461826&uid=0&gjid=2000088083&_gid=710053614.1616509225&_u=aCDACEAjBAAAAG~&z=486552477

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 14:20:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
25 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19047342-17&cid=1376360622.1616509224&jid=161269550&uid=0&gjid=982019388&_gid=710053614.1616509225&_u=aCDACEAjBAAAAG~&z=1497665748

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 14:20:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9AD1 102 B
263 B 16ms
15ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 14:20:26 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651&google_gid=CAESEEMMM4dI8S9wm6YuBKdenuY&google_cver=1

0
598 B

143ms
138ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651&google_gid=CAESEEMMM4dI8S9wm6YuBKdenuY&google_cver=1
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1113658277350730709&pixelIndex=0&_=1616509224651&google_gid=CAESEEMMM4dI8S9wm6YuBKdenuY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 117ms
45ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1113658277350730709
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:26 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 323ms
20ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.computerweekly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 329ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.computerweekly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 371ms
69ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=942753024772523&correlator=3649619358995782&output=ldjh&impl=fif&eid=31060469%2C31060502%2C31060530%2C31060367%2C44739387&vrg=2021031701&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=3618%2CCW%2CNEWS&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=type%3Doop&cust_params=pth%3Dnews.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption%26ss%3Dcw%26gci%3D252497918%26tax%3D2240036641%26markettax%3D4580%252C223%252C4582%252C27%252C15%252C4518%252C224%252C4528%252C4525%252C4522%252C4282%252C4287%252C4288%252C354%252C226%252C339%252C4559%252C4552%252C228%252C357%252C47%26markettax_ranked%3D4580%2520major%252C223%2520significant%252C4582%2520major%252C27%2520major%252C15%2520major%252C4518%2520major%252C224%2520major%252C4528%2520major%252C4525%2520major%252C4522%2520major%252C4282%2520major%252C4287%2520major%252C4288%2520major%252C354%2520major%252C226%2520major%252C339%2520significant%252C4559%2520significant%252C4552%2520major%252C228%2520significant%252C357%2520major%252C47%2520major%26clu%3D2240110803%26ppc%3D0%26ui%3D16792685388%26layout%3Ddesktop%26viewport%3D1600%26site%3Dcomputerweekly%26cmp%3D1&cookie=ID%3De95b1983564fcc8d-22cf37f7d8ba00e1%3AT%3D1616509225%3ART%3D1616509225%3AS%3DALNI_MbQxbkSNN9KzT2-DXK4J10Qwb15BQ&bc=31&abxe=1&lmt=1616509227&dt=1616509227167&dlt=1616509221823&idt=5186&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2644195583&ucis=1&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5540&msz=1x1&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=false&fws=128&ohw=0

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

477f0079ec0aa59b3722d2bb69b3106cda057ac3b4adcb82777fb37f748cca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2258
x-xss-protection: 0
google-lineitem-id: 4652816574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315327362
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 62ms
13ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 12ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
6 KB 382ms
78ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=942753024772523&correlator=3649619358995782&output=ldjh&impl=fif&eid=31060469%2C31060502%2C31060530%2C31060367%2C44739387&vrg=2021031701&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=3618%2CCW%2CNEWS&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cust_params=pth%3Dnews.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption%26ss%3Dcw%26gci%3D252497918%26tax%3D2240036641%26markettax%3D4580%252C223%252C4582%252C27%252C15%252C4518%252C224%252C4528%252C4525%252C4522%252C4282%252C4287%252C4288%252C354%252C226%252C339%252C4559%252C4552%252C228%252C357%252C47%26markettax_ranked%3D4580%2520major%252C223%2520significant%252C4582%2520major%252C27%2520major%252C15%2520major%252C4518%2520major%252C224%2520major%252C4528%2520major%252C4525%2520major%252C4522%2520major%252C4282%2520major%252C4287%2520major%252C4288%2520major%252C354%2520major%252C226%2520major%252C339%2520significant%252C4559%2520significant%252C4552%2520major%252C228%2520significant%252C357%2520major%252C47%2520major%26clu%3D2240110803%26ppc%3D0%26ui%3D16792685388%26layout%3Ddesktop%26viewport%3D1600%26site%3Dcomputerweekly%26cmp%3D1&cookie=ID%3De95b1983564fcc8d-22cf37f7d8ba00e1%3AT%3D1616509225%3ART%3D1616509225%3AS%3DALNI_MbQxbkSNN9KzT2-DXK4J10Qwb15BQ&bc=31&abxe=1&lmt=1616509227&dt=1616509227180&dlt=1616509221823&idt=5186&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=160&adks=854187666&ucis=2&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x110&msz=728x110&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

cb6afb5c51ce8c2999fce27c3ad1ff8be0f26bf71259fbffe8a76efe257eef51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6300
x-xss-protection: 0
google-lineitem-id: 154259497
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289070101
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
6 KB 379ms
78ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=942753024772523&correlator=3649619358995782&output=ldjh&impl=fif&eid=31060469%2C31060502%2C31060530%2C31060367%2C44739387&vrg=2021031701&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=3618%2CCW%2CNEWS&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3Dtop&cust_params=pth%3Dnews.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption%26ss%3Dcw%26gci%3D252497918%26tax%3D2240036641%26markettax%3D4580%252C223%252C4582%252C27%252C15%252C4518%252C224%252C4528%252C4525%252C4522%252C4282%252C4287%252C4288%252C354%252C226%252C339%252C4559%252C4552%252C228%252C357%252C47%26markettax_ranked%3D4580%2520major%252C223%2520significant%252C4582%2520major%252C27%2520major%252C15%2520major%252C4518%2520major%252C224%2520major%252C4528%2520major%252C4525%2520major%252C4522%2520major%252C4282%2520major%252C4287%2520major%252C4288%2520major%252C354%2520major%252C226%2520major%252C339%2520significant%252C4559%2520significant%252C4552%2520major%252C228%2520significant%252C357%2520major%252C47%2520major%26clu%3D2240110803%26ppc%3D0%26ui%3D16792685388%26layout%3Ddesktop%26viewport%3D1600%26site%3Dcomputerweekly%26cmp%3D1&cookie=ID%3De95b1983564fcc8d-22cf37f7d8ba00e1%3AT%3D1616509225%3ART%3D1616509225%3AS%3DALNI_MbQxbkSNN9KzT2-DXK4J10Qwb15BQ&bc=31&abxe=1&lmt=1616509227&dt=1616509227183&dlt=1616509221823&idt=5186&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=653&adks=2173794729&ucis=3&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1140d97c0b185cecfd7e9e01c58e145ec054e76dc424154c4dbaf8da64a26d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6425
x-xss-protection: 0
google-lineitem-id: 5630848200
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341792407
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
6 KB 378ms
76ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=942753024772523&correlator=3649619358995782&output=ldjh&impl=fif&eid=31060469%2C31060502%2C31060530%2C31060367%2C44739387&vrg=2021031701&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=3618%2CCW%2CNEWS&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x251&prev_scp=pos%3Dbottom&cust_params=pth%3Dnews.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption%26ss%3Dcw%26gci%3D252497918%26tax%3D2240036641%26markettax%3D4580%252C223%252C4582%252C27%252C15%252C4518%252C224%252C4528%252C4525%252C4522%252C4282%252C4287%252C4288%252C354%252C226%252C339%252C4559%252C4552%252C228%252C357%252C47%26markettax_ranked%3D4580%2520major%252C223%2520significant%252C4582%2520major%252C27%2520major%252C15%2520major%252C4518%2520major%252C224%2520major%252C4528%2520major%252C4525%2520major%252C4522%2520major%252C4282%2520major%252C4287%2520major%252C4288%2520major%252C354%2520major%252C226%2520major%252C339%2520significant%252C4559%2520significant%252C4552%2520major%252C228%2520significant%252C357%2520major%252C47%2520major%26clu%3D2240110803%26ppc%3D0%26ui%3D16792685388%26layout%3Ddesktop%26viewport%3D1600%26site%3Dcomputerweekly%26cmp%3D1&cookie=ID%3De95b1983564fcc8d-22cf37f7d8ba00e1%3AT%3D1616509225%3ART%3D1616509225%3AS%3DALNI_MbQxbkSNN9KzT2-DXK4J10Qwb15BQ&bc=31&abxe=1&lmt=1616509227&dt=1616509227187&dlt=1616509221823&idt=5186&frm=20&biw=1600&bih=1200&oid=3&adxs=720&adys=1606&adks=702282463&ucis=4&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x600&msz=300x600&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=false&fws=0&ohw=0&btvi=1

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c2475c81f947b477b9263a56d081e12ac4ee2e13ba9fbafca0e7f087b43fadf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6430
x-xss-protection: 0
google-lineitem-id: 5630848200
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341352221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 universal-tag.js Show response
ads-v2.spotible.com/tag/ Frame C829 4 KB
2 KB 399ms
135ms Script
application/javascript 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-v2.spotible.com/tag/universal-tag.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: de622677e7b5ca44db0124b2224df98899a99884fe22d519a7645e77e51d2a96

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:27 GMT
cache-control: public, max-age=3600
content-encoding: gzip
etag: "a58ca5dac2cf03066e37e461382561df"
vary: accept-encoding
content-type: application/javascript

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B775 0
0 73ms
72ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRtTqy-7yhJ7XcilBvtG7u0rlkjdoGWbIUEUZmPbLWDDwcl1N684fqOeMgmZSCLBhz3yhCrtIPbxCxdG3bS90pUKHK7h--w62Ce1ARgQgXs22yFymKDxh-Zj2_Szko5IsauixYnw3TUGr58cqbyws2lb_Y4F72hXeyxc_2XjV5jMRWyjvIw5eN8Zg5mmvWlrEJ1E8MSgnnVbxjPtJh09yyoqit42BA5SSLuanrSAPLUxTWhQe1VkOZ6hMJcEZB7hMz_Dj7TtFkwTaoy-u69_tbRQLODLktZFYYa4CbtJzSog&sig=Cg0ArKJSzLsZHjuagznNEAE&adurl=

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame B775 2 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:18:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B775 118 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B775 0
0 13ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxhefM10NFkMTtK8lwoHlr9nJ7S9Wbvo-phWJ1tuhqpv6Zo4BY_fAlrAyHA34dBbxChB3zqE74gQtqRK_MtE9Pmfning
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B775 7 KB
3 KB 113ms
22ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4775388715&ord=2826047693&litm=5630848200&scrt=138341792407&splc=/3618/CW/NEWS&adu=153796537&unit=300x250&btreg=5630848200138341792407&btadsrv=5630848200138341792407&cb=1390694813&ctx=19913272&cmp=DV402603&spos=top&c1=2240036641&c2=computerweekly&c3=&c4=0&c5=&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fa57c3f9d183c672e35364859903c259235517855e530d6707404031c7b3db97

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Mar 2021 15:42:43 GMT
Server: Microsoft-IIS/10.0
ETag: "809b4d5681ed71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-Q050 200 8453352930463294421
tpc.googlesyndication.com/simgad/ Frame B775 20 KB
20 KB 77ms
23ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8453352930463294421

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3e156c7150e6ed781880ebe57c986b7828ec5af813ab91caac58e9c421a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:07:24 GMT
x-content-type-options: nosniff
age: 339184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20546
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 06:52:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 16:07:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C08B 0
0 71ms
69ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_fRmKqiCBQR1fJLXKgkfDQoeZlL1gSK3cFrjFH6G198b1v-683iipBByh33j5x2jayvhF5wAVxb-9tih8nX667qDDAXVAhv6nDEchbyruVc0hTbjHsOA2I9M2BvVpbWNDVnZVnbGknI8TC24K7HbIWMoblh0AASwYuG2Sx0TcNc2OwDI-wTNkJz_-jJZIepuE1MwhkqiYi614Y9PcvB9_3xNMlnmmYI-R0s2TR2v_2rOq6oWsGZGTxiaU_JScQOB1i-gFrZY6yOV-Pnwl-ATGW8TvCIWN2TT9gVE&sig=Cg0ArKJSzM1caNN7CD_QEAE&adurl=

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame C08B 2 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:17:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C08B 118 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C08B 0
0 17ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCsqupkXb1TfdNe5DL0AgsxURSjD14Iesv1TBNcrQYJfUx_5gzkjHce-EaGuxX-66wnPWzVyauYcNsXx5sanfEHot12w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame C08B 7 KB
3 KB 42ms
10ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=24606097&ord=231503977&litm=154259497&scrt=138289070101&splc=/3618/CW/NEWS&adu=153796537&unit=728x90&btreg=154259497138289070101&btadsrv=154259497138289070101&cb=1629401284&ctx=19913272&cmp=DV402603&spos=&c1=2240036641&c2=computerweekly&c3=&c4=0&c5=&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fa57c3f9d183c672e35364859903c259235517855e530d6707404031c7b3db97

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Mar 2021 15:42:43 GMT
Server: Microsoft-IIS/10.0
ETag: "809b4d5681ed71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-Q050 200 8207901073319489182
tpc.googlesyndication.com/simgad/ Frame C08B 139 KB
139 KB 43ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8207901073319489182

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f19cfd2c1dd4fc58aeebf6c107122dabbe35bfbf4c1c6856a570263793e0bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 17:06:30 GMT
x-content-type-options: nosniff
age: 162838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142337
x-xss-protection: 0
last-modified: Thu, 26 Sep 2019 13:31:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 17:06:30 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9381 0
0 93ms
87ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstopjeMZ7pvK0rCX-6BINyXhxhCJzPaW3kkcM8TQ7d990bEaeU3JMYFxhrrAnbNeBYHn5MT8idfn4NYrV19jDYmeeV75gbIPkxG1kBMmSQs2AqDQzNGxkR5cYXYYVgEQeqOENfsbmlC5BfdeTYwhPP56Y6IsWZMNvt4s_HfVBBFBnE8iIQ0OFs4uZOKCBpIYKHmsyb_EhCkcmcemRFlQVuc8Q4kmJ3m_FXyoDspK5TtwBH7rc0qhbN1muZUCvaSRPd_vFP17RDyo3c1Ok8a6GPUffr3cExpAtups9Bh_iJvOQ&sig=Cg0ArKJSzEHL3FORngStEAE&adurl=

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9381 2 KB
1 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:17:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9381 118 KB
36 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9381 0
0 67ms
45ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6QrJawxUN8jeCquEQrjpFCIxv2xb5BoNrJE8HmiXDP0Ru4ytzlHgrH_pC7gwEuxlkovIthrMJpTBdEORlKXegi1YQaQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9381 7 KB
3 KB 53ms
30ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4775388715&ord=2826047693&litm=5630848200&scrt=138341352221&splc=/3618/CW/NEWS&adu=153796537&unit=300x600&btreg=5630848200138341352221&btadsrv=5630848200138341352221&cb=1892208707&ctx=19913272&cmp=DV402603&spos=bottom&c1=2240036641&c2=computerweekly&c3=&c4=0&c5=&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fa57c3f9d183c672e35364859903c259235517855e530d6707404031c7b3db97

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Mar 2021 15:42:43 GMT
Server: Microsoft-IIS/10.0
ETag: "809b4d5681ed71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-Q050 200 15387226203905402481
tpc.googlesyndication.com/simgad/ Frame 9381 97 KB
97 KB 53ms
31ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15387226203905402481

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd430db300f5f88282e09bff292af9926fb9a7771337b25ce0b1d3965ff437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 541198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99569
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 06:49:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 08:00:30 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9AD1 9 KB
7 KB 126ms
106ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39347412288fc58f738830a1f6eff50dfb843710642cba5816efc1c7e02fa090

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcV86YUAAAAAEb1Oo_dHxxcy7KHnWoxY2MD1TS-&co=aHR0cHM6Ly93d3cuY29tcHV0ZXJ3ZWVrbHkuY29tOjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=qwvler9omi75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 23 Mar 2021 14:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6626
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D67D 6 KB
778 B 45ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&h=280&slotname=8728364240&adk=2592093652&adf=675987550&pi=t.ma~as.8728364240&w=1200&fwrn=4&fwrnh=100&lmt=1616509225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616509224563&bpp=48&bdt=2740&idt=833&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5446219641815&frm=20&pv=2&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aIUqanDLvU&p=https%3A//www.computerweekly.com&dtd=927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 13:46:04 GMT
server: ESF
date: Tue, 23 Mar 2021 14:20:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 14:20:28 GMT

GET
DATA 200
OK truncated
/ Frame B775 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 676e3fb7003df882f1014795906fdba5f5466310dd583eebebe9e80afaff8830

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements1146.js Show response
cdn.doubleverify.com/ Frame 2118 476 KB
86 KB 14ms
13ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1146.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ada2b7b8e97b28a0c397cf381249d2ba6b7bd3c6f028cb071ef548e6451d31e7

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 07:48:29 GMT
Server: Microsoft-IIS/10.0
ETag: "80c475eb11bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87408

GET
DATA 200
OK truncated
/ Frame C08B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 561108b2206f37ad80815d65055d8e5d3de1567dce6562b90ac2d7d7c78b4c3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements1146.js Show response
cdn.doubleverify.com/ Frame B41B 476 KB
86 KB 15ms
15ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1146.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ada2b7b8e97b28a0c397cf381249d2ba6b7bd3c6f028cb071ef548e6451d31e7

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 07:48:29 GMT
Server: Microsoft-IIS/10.0
ETag: "80c475eb11bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87408

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame D67D 1 KB
980 B 11ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:17:52 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame D67D 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:17:35 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame D67D 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:17:39 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D67D 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame D67D 12 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:19:28 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame D67D 25 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 45228
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Mon, 21 Jun 2021 01:46:41 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/996132073851719689/ Frame D67D 23 KB
23 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/996132073851719689/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab54bcaadf48b495943a87d7aa2225f3f5eb02a15153b0e2f5b14ff6bd4e0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:34:26 GMT
x-content-type-options: nosniff
age: 445563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23702
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 21:02:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:34:26 GMT

GET
DATA 200
OK truncated
/ Frame D67D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9381 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c8440bb7a0efd0a0bee9bd947e141838df5fc6942a12d1c9eb88222d27d60ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements1146.js Show response
cdn.doubleverify.com/ Frame 5885 476 KB
86 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:49e::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1146.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ada2b7b8e97b28a0c397cf381249d2ba6b7bd3c6f028cb071ef548e6451d31e7

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 07:48:29 GMT
Server: Microsoft-IIS/10.0
ETag: "80c475eb11bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87408

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B775 0
0 793ms
119ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdXH26UbSTtgMj5Cs_h2nPpmNdxJhEC3XgGKOwGhQXaIBLRtnL5n113eyBFGOpMNR--ud7VV8XM1Xta4ty000Rpvya7sMG5sF2oV_jdiHynuIosJ1THOJ6cWELiIi_9lYCBjhdvbXTFVGqgD5hFzD7aJ1a1JJiH8f9T2HPl9GCZ1PXoiz1_zpGRk9mOkqBA6vSa8kKlUU75tpLYPiTtD3mslQxjOjkA6aC1gVilcH6W-vXiVASEYONKd9bV0iY4ql_SHtZdt1rMmsplS_UanGmjiGi3ZHoKEE5DJVhZ_gMLAfN&sig=Cg0ArKJSzHcZwR-XfDQeEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:30 GMT

GET
H2 200 delivery.js Show response
ads-v2.spotible.com/creative/TKOn/ 72 KB
24 KB 119ms
118ms Script
application/javascript 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-v2.spotible.com/creative/TKOn/delivery.js
Requested by: Host: ads-v2.spotible.com
URL: https://ads-v2.spotible.com/tag/universal-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: bf0f02ba1e09f22ee7fa465076dd59cfe58f1f99b55b1866089e6c3ee2d7d217

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:29 GMT
cache-control: no-cache
content-encoding: gzip
etag: "0d4dafb3c76bd67a720e3fbfc913770d"
vary: accept-encoding
content-type: application/javascript;charset=utf-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C08B 0
0 770ms
119ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDh6xIMQAxVXmOVqNMjej71A9IQuN-s_pfYyVBsXyE3AtDc7BiOCujSNMZ9NmWR-r6CHy1ksOkhH9DoIBUEpftXNhasdR0c7DJ8GeFsth4XuYc2xa3P_KAq0g0nEQDSu5gwGPth5ICTn7bOPVQ2sp0PxS17gXLNxEcAe95NAHHLHGr_K73kRgfMMEN2YBMWO7psRcHC1CuGjEIfx13M4qBuF4AShmT0arWmklzGR0O6MjWSOWnneBVcgwIho5-aJDi4_1OvXOD0CbgKx4xJx_QZoNZat0lYOr3tKAUfw&sig=Cg0ArKJSzFTuMT-TWZrGEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:30 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9381 0
0 763ms
118ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVa_amr2wQCbwLzlj0FMBQyByaDwo3gWqJArSOhteIvVdV4CaMmcFncywMD1jtJKjz4HTvXNCJKAijMfFOZzRxad9fITZkqssb8j-5o93Tyo_QUlKrU_mVilSQ4jnGz8JfWoPbDDWQ7dCMqIPW2PJKjylzJRjk64pg0P5MgV4aUnTSCooX44eWJPCe0LQuDduC1Tqm8h5gIHlL4jk-YSqWKeFe0_0oEIsIX2UL2JXX_xzyaIsF_F1RDiDSFuRPHqCNPtmbM8SVi-e4TGXa-g6O7YUO1prGJt1tx8SnEpdgeobF&sig=Cg0ArKJSzGp9CBVt3fqVEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:30 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D67D 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2ytCKflZYPusJcSHlgSDg7mIC4OcuZdfnuS5gJ4L64_D_5EOEAEggYzIGWCViriCyAegAcy94YQDyAEJqQIMniV5jPCzPqgDAcgDywSqBKcCT9AjWN8u_nrSy7rpoBRTSxM63TkhyqpcoishsC_qerJncRWjsOsgq4GP6zUJG2UnVPFP2tNfHmVv0LrXPtuEWdjb9Gm2o8CWMFVEOOCnsJzQF_va72dkZNaJ5G4lygO48V9u_ueKvVtRW0ih5433iYlVrzNzkZ8bQb0oJ3KRPXUC0EuU_L7BOBXh6iWr5D1GdD30WClcdZ5IgkELV2sMEm9tvERd-w3ug2ry4eKIUk79kclfW8wb3tXGWoUeHWusv9Dy-zgL4qsOuh6KypEk19nytzMJVRs0UybBFaSAzJ3UFC4brjiUjEdIH71txEuTGV8_QExdeogCd52iGK_A7XtGUE6bZ2_CnnkxnNVfIXa0Kn_tfqed5bnL9p0zeQwU3gI9XpjW08AEuvTpk_YCkgUECAQYAZIFBAgFGASgBi6AB5zCnnuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQpcO5AtIIBwiAYRABGB-ACgHICwHYEw2IFASyFxoKGAgAEhRwdWItNjA1MDk4NTQyMTc5NTIyOQ&sigh=CYYyaPkOnrI&template_id=484&tpd=AGWhJmvtvHZPQHy3cXnC86YOuLxWaIqixhn5KcQyklnp7imVIw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&addtl_consent=1~&client=ca-pub-6050985421795229&output=html&h=280&slotname=8728364240&adk=2592093652&adf=675987550&pi=t.ma~as.8728364240&w=1200&fwrn=4&fwrnh=100&lmt=1616509225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616509224563&bpp=48&bdt=2740&idt=833&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5446219641815&frm=20&pv=2&ga_vid=1376360622.1616509224&ga_sid=1616509225&ga_hid=840024322&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44738185%2C44739387&oid=3&pvsid=942753024772523&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aIUqanDLvU&p=https%3A//www.computerweekly.com&dtd=927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 14:20:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 13ms
13ms Other
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RRBYR9CGB9&gtm=2oe3h0&_p=840024322&sr=1600x1200&gcs=G11-&ul=en-us&cid=1376360622.1616509224&dl=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&dt=Unusual%20DearCry%20ransomware%20uses%20%E2%80%98rare%E2%80%99%20approach%20to%20encryption&sid=1616509223&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBYR9CGB9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B775 42 B
501 B 278ms
39ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRHE3mxgiBIdBUuGLyzx_F-ULakvSk79jBFAWX3702JMSQljynrsBAHPwgACoxq8pVVSxondK9Y8PruSTOI4pRpxJma0DTGqGjGO3IsMM&sig=Cg0ArKJSzDw6qDuUPbDQEAE&id=osdim&mcvt=1000&p=653,1060,903,1360&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2173794729&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616509228122&dlt=0&rpt=1561&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C08B 42 B
108 B 65ms
61ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEgyj1cNpalrtxoJj2Z_omF-OHaXW7nrtm14smMo6TaInbd_wuTS8dhEmkpabYKIDW4TY5f_AAQARzCpmryHCaWulkZuiWxkYqzx2zZHk&sig=Cg0ArKJSzAuqh6NjMSU_EAE&id=osdim&mcvt=1079&p=160,436,250,1164&mtos=1079,1079,1079,1079,1079&tos=1079,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=854187666&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616509228296&dlt=0&rpt=1416&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2118 1 KB
1 KB 116ms
41ms Script
text/javascript 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETau%3F6HDTauadachfh%60gTau%26%3FFDF2%3D%5Cs62CrCJ%5CC2%3FD%40%3EH2C6%5CFD6D%5CC2C6%5C2AAC%40249%5CE%40%5C6%3F4CJAE%3A%40%3FU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETar9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1616509230811549&jsCallback=dvCallback_1616509230811755&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1146&tgjsver=1146&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&fwc=0&fcl=97&flt=2&fec=1171&fcifrms=13&brh=2&dvp_epl=307&noc=16&ctx=19913272&cmp=DV402603&btreg=5630848200138341792407&btadsrv=5630848200138341792407&adsrv=104&unit=300x250&seltag=1&sadv=4775388715&ord=2826047693&litm=5630848200&scrt=138341792407&splc=/3618/CW/NEWS&adu=153796537&spos=top&c1=2240036641&c2=computerweekly&c4=0&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1611016.1278025387&dvp_tukv=90610636799.90732&dvp_uuid=79451966546.06793&dvp_tuid=1516354671788&dvp_vcms=264&dvp_slmsd=1404&dvp_vcmsd=1668
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 5c0a4d5734e04693e4c9d56189facce3992da3becb47cbceda1e2b3dfc44d969

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 3/22/2021 2:20:30 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B41B 2 KB
1 KB 38ms
37ms Script
text/javascript 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETau%3F6HDTauadachfh%60gTau%26%3FFDF2%3D%5Cs62CrCJ%5CC2%3FD%40%3EH2C6%5CFD6D%5CC2C6%5C2AAC%40249%5CE%40%5C6%3F4CJAE%3A%40%3FU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETar9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1616509231168300&jsCallback=dvCallback_1616509231168664&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1146&tgjsver=1146&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&fwc=0&fcl=97&flt=2&fec=1171&fcifrms=13&brh=2&dvp_epl=307&noc=16&ctx=19913272&cmp=DV402603&btreg=154259497138289070101&btadsrv=154259497138289070101&adsrv=104&unit=728x90&seltag=1&sadv=24606097&ord=231503977&litm=154259497&scrt=138289070101&splc=/3618/CW/NEWS&adu=153796537&c1=2240036641&c2=computerweekly&c4=0&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7903401.415073445&dvp_tukv=88718690333.51898&dvp_uuid=8834856388.318104&dvp_tuid=1271547535819&dvp_vcms=41&dvp_slmsd=1833&dvp_vcmsd=1874
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 93d8a756d6339db50455dcad7ee3b37226ca2e56bc3df52034f406dbd3d234cf

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 3/22/2021 2:20:30 PM

GET
DATA 200
OK truncated
/ Frame D67D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64f9d7c82020bda2073772ac96cb8b57b3a529528b416625cec9803f555d8249

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D67D 15 KB
16 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 498480
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D67D 15 KB
16 KB 42ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 488321
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:41:50 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 5885 1 KB
1 KB 39ms
38ms Script
text/javascript 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETau%3F6HDTauadachfh%60gTau%26%3FFDF2%3D%5Cs62CrCJ%5CC2%3FD%40%3EH2C6%5CFD6D%5CC2C6%5C2AAC%40249%5CE%40%5C6%3F4CJAE%3A%40%3FU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3ETar9EEADTbpTauTauHHH%5D4%40%3EAFE6CH66%3C%3DJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1616509231524275&jsCallback=dvCallback_1616509231524295&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1146&tgjsver=1146&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&fwc=0&flt=2&fec=1171&fcifrms=13&brh=2&dvp_epl=307&noc=16&ctx=19913272&cmp=DV402603&btreg=5630848200138341352221&btadsrv=5630848200138341352221&adsrv=104&unit=300x600&seltag=1&sadv=4775388715&ord=2826047693&litm=5630848200&scrt=138341352221&splc=/3618/CW/NEWS&adu=153796537&spos=bottom&c1=2240036641&c2=computerweekly&c4=0&c8=news.252497918.Unusual-DearCry-ransomware-uses-rare-approach-to-encryption&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3636242195.2482033&dvp_tukv=1763851.7442335868&dvp_uuid=1046175252195.1309&dvp_tuid=1573255318479&dvp_vcms=16&dvp_slmsd=1956&dvp_vcmsd=1972
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7999e7aad61877bc328e95c5b1ae7419e4e53ec24151d3a6c2253f17467b3163

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:31 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 3/22/2021 2:20:31 PM

GET
H2 200 Infografik_EU-Datenschutz-Ratgeber.jpg
cdn.spotible.com/creative/TKOn/hashed/81a1fa6205fda205459f0f99f2eecfd4/ 97 KB
97 KB 137ms
41ms Image
image/jpeg 99.86.3.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.spotible.com/creative/TKOn/hashed/81a1fa6205fda205459f0f99f2eecfd4/Infografik_EU-Datenschutz-Ratgeber.jpg
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-47.fra6.r.cloudfront.net
Software: /
Resource Hash: e2a7c5b4b1ca9564a20d81f2a80b429c5614266a9688f7a9ef1e13e69a6479e2

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:31 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: "81a1fa6205fda205459f0f99f2eecfd4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 99058
x-amz-cf-id: AC0F03BoleKfChmz9rKA6q49vAQ1CV7VdyvrUL0fb6T9AJIUmVM6IQ==

GET
H2 200 JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DFE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 2030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:46:41 GMT

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 81ms
27ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: DBQXF5VGERPQ674M
x-cache: HIT
content-length: 11777
x-amz-id-2: IFtiBzdE4snYrOOxwTSl7Z1L+6UNeohOBTvjlgAVuulj+0LeTAzLp7QdcX5eaZ8TWkQowdlRPIA=
x-served-by: cache-hhn4066-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1616509232.172194,VS0,VE0
date: Tue, 23 Mar 2021 14:20:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 20252

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1873788fa9a46cc4288974ce5249744990b738144037a4185fb567f7033a4f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6448
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 14:20:32 GMT

GET
H2 200 report
ads-v2.spotible.com/creative/TKOn/ 43 B
113 B 120ms
118ms Image
image/gif 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-v2.spotible.com/creative/TKOn/report?,1616509231,693001;UNIQUE_USER_GLOBAL!0,1,0;UNIQUE_USER_DAILY!0,1,0;UNIQUE_USER_HOURLY!0,1,0;IMPRESSION!0,1,0!1,1,0!19,1,0!21,1,0!87,1,0;IN_VIEW!0,1,1!1,1,1!19,1,1!21,1,1!87,1,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:31 GMT
cache-control: no-store
content-length: 43
content-type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ 0
186 B 67ms
66ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4nidie7YU7Vo7WebSvmyAjklJ24ibWP2E7DF5pur4AqNdXf2L3iujCkIJEKwd2VrY2nfpoQOSR_xaDPMYYeq3fXSUhTRJ-nBEbFbaSwqApNrJ1NAahLt0XnYMuxhTNx5WyRUbTMxU_f_CDWcT9aBePHvxrknWpRQwi_MhmgdmLoICK_5kBhNaRcawlm2NWKf3LjaFp3cyxvTHvINP9S58muWfmF-7ossAA7qM6HlBmrTcjbHELC2ySD2nPiCz1m9fp1457DBFatr1uddDThJsKaLm2xnbJ8FYWYIHyJqcRB1B_dNdaiOBi995J7XOkyzhiZj1kVwo&sig=Cg0ArKJSzLDbMaMYMjWTEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 14:20:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 14:20:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.computerweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1068cf12f6 Show response
bam-cell.nr-data.net/1/ 57 B
518 B 321ms
269ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/1068cf12f6?a=313780&v=1208.49599aa&to=ZQMAYxdYXUBSAkFbClxJLFgXVFJfWhtQVjBAD010ClRDRkcER2UAVw0OTkpXVkRATh8dMFwTEUIEVR53VgBHcRdLSxBWC0pcXkQAR1dIRxUHREhLUkFWTFRCFUAJA1QNFEdcHgRbURdLFhZeClc%3D&rst=11222&ck=0&ref=https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption&ap=349&be=1323&fe=10924&dc=2034&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1616509221174,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:3,%22c%22:3,%22s%22:22,%22ce%22:358,%22rq%22:358,%22rp%22:645,%22rpe%22:1265,%22dl%22:649,%22di%22:1932,%22ds%22:1932,%22de%22:2035,%22dc%22:10902,%22l%22:10902,%22le%22:10933%7D,%22navigation%22:%7B%7D%7D&fp=1406&fcp=1406&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 14:20:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 63484d0eeb98cc4a-ZRH
cf-request-id: 09010e7d530000cc4a660b0000000001

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2966 12 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.computerweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.computerweekly.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 23 Mar 2021 13:55:16 GMT
expires: Wed, 23 Mar 2022 13:55:16 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1516
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2966 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 2031
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:46:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 53ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=942753024772523&bg=!f3ylfDjNAAbUo7L91KM7ACkAdvg8Wu6-Nazr4wKNAguGCLPaBW5JRaMhNgIhP9qiWPhWqcfcw7gwPgIAAAL0UgAAABxoAQcKAYpPuzWquuqHK81ZvMt5qTbruVvFJhu5vW6mi3elYMzyF-kFpM4boEzsygwSqNABx0zyLURAxP3JlftSJx4T95FtQDbUhBu8sS2WNyfyv6QBKBUtyAVB61C4kOeHsFjXrGySbgQjAyMcOQ26jhzz1CA8ExDt41k4UbS-Vd44wPXDG27O_auulv2CXPBusi5qM9sB0qkU3Ep5IUvJZX6dTs1JysykHbfZ0JNKINcwlfjw39eEPPWAXqAtzCA5Zvtt7dYeBoC-NeLIA2oygDSLIRLjx89UYxT5cDbgVx0dvNkHTA8hOmpQ71Tic3qVhAhoC2KO8gCnG8xwFBBM7G3b58LmAtd1tfpVU_1L2AMBe0ljMrZsC9RiYw2zRkQU0WFnJ7i0u4wBXZpjHLv8nJyeqqyKjE9606IUsUysuXw1BZIP9uSt5Njz6JYxmIue7v0VAs6HvYBtYlbdzsFWBr4AB1sFljk5dT_3zqpPTfocSCNcNYkg9RDbrSkbFGjMv7MM3dfGfylZSe6yifE6mQHPRYa67vSJ46BfYVoOjHvuMGtfKbY50TiJh9NsJYMRFtsdgp4Q8VumU2a2U1jjvjKl9AErpndqMnaA9vM36qrK5fFzl_xVQJMY8640D7lU-3UKnD5Sy-HwdwLIMjSd2aXNlHKRQvYeO-zqxhd3ArseI0TXcAF2XETyD0xoODYocQGD4HPtziBmZ-bhtM9WjnO1Tbx6FDZwGPxZR9GExNNd32HdMnDlFx0P_HJCAbGNUin0pa_M7yJhKZ4jCuTdBTbafgVXRoRZLjVl3SDVAPIJE3DGa7w6_zQRzHG6AoVLwbxGqt8LcVEHzWPRBkEpcuXAob1hIXKotRLafqKI9FVRZq5q-OlTHGXfChLNkjn7kDLvH9tge7c2ffzCFU7HjBmeF19x85hWI_QHIyGlo8VvangDGVkZO1QULkknwXUtyw9e-z9LhLK2sk1uzkIQcbxTYs0CjkALSwJSvkVy7WsyUdqfo7G_SMi6XaQlmO7E9IZsxItt7IXcoa9YgtWGLfeZY9f47KIJfRbKA1RxmSAxcMdzNuhhOKBv1r3Nw-SdYVB5BUeOJY9FLQgseNY3yZ8SV0oGg0hNP-Gar2wKrk3UzcLxiYjWJXM_bA_qIrS2xA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK event.png
tps20223.doubleverify.com/ Frame 2118 67 B
472 B 99ms
34ms Other
image/png 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20223.doubleverify.com/event.png?impid=ea5830a03e254e7abc2f19acfd9e4a3d&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&vdur=117&eoid=5&msrjs=1146&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1616509233827598
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:33 PM

POST
H/1.1 200
OK event.png
tps20225.doubleverify.com/ Frame B41B 67 B
472 B 462ms
34ms Other
image/png 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20225.doubleverify.com/event.png?impid=618979b72b194fb1ab172341fc92bf0a&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&vdur=39&eoid=5&msrjs=1146&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1616509234014116
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:34 PM

POST
H/1.1 200
OK event.png
tps20234.doubleverify.com/ Frame 5885 67 B
472 B 464ms
33ms Other
image/png 213.254.244.17
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20234.doubleverify.com/event.png?impid=30f5afb7f2784e2e80a02974b3cb3a4d&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=2&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&vdur=40&eoid=5&msrjs=1146&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1616509234046141
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:34 PM

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ Frame C08B 305 B
417 B 69ms
36ms Image
image/jpeg 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=DV402603&dvp_ctx=19913272&jsver=1146&dvp_imp=618979b72b194fb1ab172341fc92bf0a&cbust=1616509234315285
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Content-Length: 142
Expires: 3/22/2021 2:20:34 PM

POST
H/1.1 200
OK event.png
tps20223.doubleverify.com/ Frame 2118 67 B
472 B 31ms
31ms Other
image/png 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20223.doubleverify.com/event.png?impid=ea5830a03e254e7abc2f19acfd9e4a3d&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=8&ismms=300&isumms=300&isvelg=1&nvr=4&isgmmims=301&isgmv4mims=300&isbxdms=3380&b0=2634&b11=735&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3369&sftb=3369&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isgmpims=300&engalms=281&engscrlms=1230&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&dvp_ltspl=8000&cbust=1616509234828551
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:34 PM

POST
H/1.1 200
OK event.png
tps20225.doubleverify.com/ Frame B41B 67 B
472 B 31ms
31ms Other
image/png 213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20225.doubleverify.com/event.png?impid=618979b72b194fb1ab172341fc92bf0a&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=8&ismms=46&isumms=46&isvelg=1&nvr=4&isgmmims=47&isgmv4mims=46&isbxdms=3078&b0=3309&b11=100&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3409&sftb=3409&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isgmpims=46&engalms=46&engscrlms=518&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&dvp_ltspl=8149&cbust=1616509234947880
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:34 PM

POST
H/1.1 200
OK event.png
tps20234.doubleverify.com/ Frame 5885 67 B
472 B 32ms
32ms Other
image/png 213.254.244.17
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20234.doubleverify.com/event.png?impid=30f5afb7f2784e2e80a02974b3cb3a4d&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=8&ismms=24&isumms=24&isvelg=1&nvr=2&isgmmims=24&isgmv4mims=24&isbxdms=3060&b0=3504&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3504&sftb=3504&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=24&engscrlms=414&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&dvp_ltspl=8397&cbust=1616509235042194
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1146.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.computerweekly.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 3/22/2021 2:20:34 PM

GET
H2 200 report
ads-v2.spotible.com/creative/TKOn/ 43 B
98 B 120ms
119ms Image
image/gif 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-v2.spotible.com/creative/TKOn/report?,1616509231,693003;IN_VIEW_TIME!0,3,0!1,3,0!19,3,0!21,3,0!87,3,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:34 GMT
cache-control: no-store
content-length: 43
content-type: image/gif

GET
H2 200 report
ads-v2.spotible.com/creative/TKOn/ 43 B
98 B 119ms
118ms Image
image/gif 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-v2.spotible.com/creative/TKOn/report?,1616509231,693004;IN_VIEW_TIME!0,3,0!1,3,0!19,3,0!21,3,0!87,3,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:37 GMT
cache-control: no-store
content-length: 43
content-type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 122ms
121ms Image
image/gif 34.192.124.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=techtargetnetwork.com&p=%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&u=UQ-fFBuMEwcCq5AIY&d=computerweekly.com&g=41935&g0=CW%2C%20CW%20-%20IT%20security&g1=Alex%20Scroxton%2C%20NEWS%2C%20CW%20-%20NEWS&n=1&f=00001&c=0.25&x=0&m=0&y=6757&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3185&t=OQf26CDvGkXfJuN5Cfb7dfBZzIe&V=124&tz=-60&sn=2&sv=BWpjaKCqI56PCdP_xlDXyk9fzrWeK&sd=1&im=061b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.124.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-124-255.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 14:20:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
2 KB 124ms
119ms Script
text/javascript 34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?sw=252497918https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&q=xSeg&v=1.x&ep%5Bids%5D=21934503%2C21934500%2C21934498%2C19858027%2C2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C19407840%2C21302742%2C22000745%2C22000743%2C22000748%2C22000746%2C22000744%2C17275233%2C21728859%2C21728860%2C21756252%2C19087141%2C19000164%2C17946121%2C25062731%2C25147693%2C24554971%2C2433138%2C24323937%2C21855343%2C996243%2C1345723%2C1345710%2C1345724%2C1345719%2C1345727%2C1345716%2C1345717%2C1345711%2C5648811%2C565952%2C14793258%2C17369550%2C13610887%2C12013010&cl=68&pixelIndex=0&r=352850&tzOffset=-60&url=https%3A%2F%2Fwww.computerweekly.com%2Fnews%2F252497918%2FUnusual-DearCry-ransomware-uses-rare-approach-to-encryption&id=1113658277350730709&_=1616509224652
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=21934503,21934500,21934498,19858027,2378844,7838491,7838492,7838563,7844583,7844585,7844587,8380284,2609968,2365326,19407840,21302742,22000745,...
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D21934503%2C21934500%2C21934498%2C19858027%2C2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C83802...

43 B
1 KB

46ms
45ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D21934503%2C21934500%2C21934498%2C19858027%2C2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C19407840%2C21302742%2C22000745%2C22000743%2C22000748%2C22000746

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: 368b6bb6-8e4d-47b0-84a8-4d9edfab56ef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: 7f385e4d-416b-4adc-9d30-5f25011bd22f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D21934503%2C21934500%2C21934498%2C19858027%2C2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C19407840%2C21302742%2C22000745%2C22000743%2C22000748%2C22000746
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=22000744,17275233,21728859,21728860,21756252,19087141,19000164,17946121,25062731,25147693,24554971,2433138,24323937,21855343,996243,1345723,134...
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D22000744%2C17275233%2C21728859%2C21728860%2C21756252%2C19087141%2C19000164%2C17946121%2C25062731%2C25147693%2C24554971%...

43 B
1 KB

40ms
39ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D22000744%2C17275233%2C21728859%2C21728860%2C21756252%2C19087141%2C19000164%2C17946121%2C25062731%2C25147693%2C24554971%2C2433138%2C24323937%2C21855343%2C996243%2C1345723%2C1345710%2C1345724%2C1345719%2C1345727

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 6515d740-6f46-470b-bc71-9e060b0877e9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: 1efd250c-1582-4792-9fa5-288df7f9425e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D22000744%2C17275233%2C21728859%2C21728860%2C21756252%2C19087141%2C19000164%2C17946121%2C25062731%2C25147693%2C24554971%2C2433138%2C24323937%2C21855343%2C996243%2C1345723%2C1345710%2C1345724%2C1345719%2C1345727
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=1345716,1345717,1345711,5648811,565952,14793258,17369550,13610887,12013010
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D1345716%2C1345717%2C1345711%2C5648811%2C565952%2C14793258%2C17369550%2C13610887%2C12013010

43 B
1 KB

61ms
61ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D1345716%2C1345717%2C1345711%2C5648811%2C565952%2C14793258%2C17369550%2C13610887%2C12013010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: 3e5459cc-79d9-4620-9326-65bd06b81c63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 14:20:41 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 8cf8613f-e5fe-4ce5-8bf8-abf634cd09ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D1345716%2C1345717%2C1345711%2C5648811%2C565952%2C14793258%2C17369550%2C13610887%2C12013010
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 report
ads-v2.spotible.com/creative/TKOn/ 43 B
98 B 120ms
120ms Image
image/gif 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-v2.spotible.com/creative/TKOn/report?,1616509231,693005;IN_VIEW_TIME!0,3,0!1,3,0!19,3,0!21,3,0!87,3,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:40 GMT
cache-control: no-store
content-length: 43
content-type: image/gif

POST
H/1.1 200
OK 1068cf12f6 Show response
bam-cell.nr-data.net/events/1/ 24 B
498 B 148ms
147ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/1068cf12f6?a=313780&v=1208.49599aa&to=ZQMAYxdYXUBSAkFbClxJLFgXVFJfWhtQVjBAD010ClRDRkcER2UAVw0OTkpXVkRATh8dMFwTEUIEVR53VgBHcRdLSxBWC0pcXkQAR1dIRxUHREhLUkFWTFRCFUAJA1QNFEdcHgRbURdLFhZeClc%3D&rst=21222&ck=0&ref=https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Requested by: Host: www.computerweekly.com
URL: https://www.computerweekly.com/news/252497918/Unusual-DearCry-ransomware-uses-rare-approach-to-encryption
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 23 Mar 2021 14:20:42 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.computerweekly.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 63484d4d1c39cc4a-ZRH
Content-Length: 24
cf-request-id: 09010ea42c0000cc4a08892000000001

GET
H2 200 report
ads-v2.spotible.com/creative/TKOn/ 43 B
98 B 120ms
120ms Image
image/gif 18.204.252.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-v2.spotible.com/creative/TKOn/report?,1616509231,693006;IN_VIEW_TIME!0,3,0!1,3,0!19,3,0!21,3,0!87,3,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.252.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-252-33.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.computerweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:20:43 GMT
cache-control: no-store
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.computerweekly.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 7.266

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/ccpa-config.min.js?v=7.99.1(Line 1) Message: ccpa_cta: -1
console-api	log	URL: https://cdn.ttgtmedia.com/cmp/ttCmpApi.min.js?v=7.99.1(Line 1) Message: Domain :computerweekly.com
console-api	log	URL: https://cdn.ttgtmedia.com/cmp/ttCmpApi.min.js?v=7.99.1(Line 1) Message: * domain match1013
console-api	log	URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive-ui.min.js?v=7.99.1(Line 42) Message: tweet sharing!
console-api	log	URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1(Line 3) Message: UX ERROR-CHECK STARTING
console-api	log	URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.99.1(Line 93) Message: UX ERROR-CHECK COMPLETE
console-api	log	URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	log	URL: https://ccpa.sp-prod.net/ccpa.js(Line 1) Message: CCPA script successfully executed.
console-api	log	URL: https://ads-v2.spotible.com/creative/TKOn/delivery.js(Line 142) Message: ____ _ _ _ _ / ___\| _ __ ___ \| \|_(_) \|__ \| \| ___ \___ \\| '_ \ / _ \\| __\| \| '_ \\| \|/ _ \ ___) \| \|_) \| (_) \| \|_\| \| \|_) \| \| __/ \|____/\| .__/ \___/ \__\|_\|_.__/\|_\|\___\| \|_\|

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
a51eb4276ed3948d536800a37317c1ce.safeframe.googlesyndication.com
ads-v2.spotible.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.ipify.org
bam-cell.nr-data.net
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cdn.doubleverify.com
cdn.flipboard.com
cdn.privacy-mgmt.com
cdn.spotible.com
cdn.ttgtmedia.com
cm.g.doubleclick.net
consent.computerweekly.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
go.techtarget.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tps20223.doubleverify.com
tps20225.doubleverify.com
tps20234.doubleverify.com
users.techtarget.com
vars.hotjar.com
www.computerweekly.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.226.159.24
13.226.159.54
13.226.159.56
13.226.159.64
13.226.159.67
13.226.159.70
13.226.159.75
142.250.185.226
151.101.114.110
162.247.243.147
163.171.129.149
18.158.31.168
18.204.252.33
185.33.221.90
206.19.49.153
206.19.49.186
206.19.49.191
213.254.244.17
213.254.244.20
216.58.212.162
2600:9000:211e:d800:e:5a70:ca47:86e1
2600:9000:2182:e400:18:1fcd:34e:d2a1
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:400c:c04::9d
2a00:1450:400c:c0c::9b
2a02:26f0:10c:49e::4469
34.192.124.255
34.192.142.95
35.244.174.68
54.225.165.85
54.88.207.148
99.86.3.47
040add1e810927db71db6258a80d44f34fda2a9bf0fae4970c4cd3d3cc9a1aea
089aca69c964aa0d24bd619f1182ff5a5f2dc40f5a5e19d738b1f00c8bee4177
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f6a4d354a385dc0617024b3165ecdf2fe2c1aa4838b41e345bfaeb28da5aee3
1140d97c0b185cecfd7e9e01c58e145ec054e76dc424154c4dbaf8da64a26d94
126c33ec7630a0ccef1fdc53fef83eaf5d5f1caefeaf8d8a3e9820c8e213c5cb
1873788fa9a46cc4288974ce5249744990b738144037a4185fb567f7033a4f93
1a9fbf4ae1b5c9df25fed08657ac7ddd4ee1c290f2f1c315eb8674319e9b8486
1b52a72fe4549d43712c264a844cc41bb9fe249a464a0cf6a94c4db6b547cb06
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fbed173066a5fdeb51a30ae6f2bb9c65f0a18bb139ac743a29f0909bfcc856d
214cd4ca43939f1ab3ccab342b3cd8877055f222954fc23429ec2fde4933f943
251c5049f3470e5f4ead6a8879063bdd19af9cade52fddbbc8c81e885e9ca950
25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38
286515bdd1da1e0b8c5dcbc703a409f855d8e9e45b129b0e4bab9a8140434ed2
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2b0532fec9236eaf59fd56b1b20a8dcf2f342c31225f31c4e5a54f8fe43fe535
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2c8440bb7a0efd0a0bee9bd947e141838df5fc6942a12d1c9eb88222d27d60ae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34a3969231c5fc2ad974008685042d51164920ac724b8d3913d44a21e4286e19
35ef9ac2d40057982eda09d60724c474cd8c211a24e682d310b68cc47edd9f7d
39347412288fc58f738830a1f6eff50dfb843710642cba5816efc1c7e02fa090
3bd80347564ae9a2905825e6b85749c5ae1eff99fe412fa4392fc3c2596dbbd7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f19cfd2c1dd4fc58aeebf6c107122dabbe35bfbf4c1c6856a570263793e0bed
3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
42450abba6b5284596322dad13e649ce593895f0a5e6e33906c6918134f39563
474d7a7f07e193a147e6c362b2c37863aa8cefe3ad959f77f6a3272e75b1d01f
477f0079ec0aa59b3722d2bb69b3106cda057ac3b4adcb82777fb37f748cca0a
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170
561108b2206f37ad80815d65055d8e5d3de1567dce6562b90ac2d7d7c78b4c3c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c0a4d5734e04693e4c9d56189facce3992da3becb47cbceda1e2b3dfc44d969
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
64f9d7c82020bda2073772ac96cb8b57b3a529528b416625cec9803f555d8249
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
676e3fb7003df882f1014795906fdba5f5466310dd583eebebe9e80afaff8830
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68f4a6009b77ef6b5cc867f57d0095ff7db697d95821fc747e5dae6cecdf79b9
6a45b3bf56f7e146372d88e6f43c9e3ea619f9d5175c12339730bfc0eabe23f0
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
74840c6a90233c5dc5fa9794c943539ff476fb3246073ab31422110cda1ea072
78a26eba5abb0a6132d9cbc8812cb4f85ad048d95cc22435b9935ce6983dd212
7999e7aad61877bc328e95c5b1ae7419e4e53ec24151d3a6c2253f17467b3163
7f5125217d1ef16b021cc5c94724846ae2e0a9e899190172fb36160c03dbaf5a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
898fd503201ef7a34909191f7f8328387d15fab7937526d899e6ef9919403db9
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8c4202ca2b0e7ca9d93e89d4da57a47f80316b719566579ae277eff7076f0809
8cf2eaed2dda34e5225e68b12ac4eab7c29af4c0d8428cc7c6cf84538c7b2002
8fb531da663fb8967dbc126518537b258a94cb75c761c0e1e354f826fd1f1bb7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d8a756d6339db50455dcad7ee3b37226ca2e56bc3df52034f406dbd3d234cf
945993d20298c945717fc53264921fa5bbd6951d9ddc8e90eb5ecc287d1293d8
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
aae9276b9b714beeb56a74b322f00e1812fc3525b82211b6641b6eb2d971da6e
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715
ada2b7b8e97b28a0c397cf381249d2ba6b7bd3c6f028cb071ef548e6451d31e7
b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79
b07b04bb71a26f9ef037e3a1d6ea5b42bce2934d0a016a93a1e6d0fdda8a58c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3acce24017949185a1f304970dd14fc0ba4b48e9a179bf01b8bf030f4d98722
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b6bd0e2ebcb4e0a35e3b4c07f647976dc8a37088de6887bb1ac47fb46452f4e4
b6d3e156c7150e6ed781880ebe57c986b7828ec5af813ab91caac58e9c421a3f
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
bf0f02ba1e09f22ee7fa465076dd59cfe58f1f99b55b1866089e6c3ee2d7d217
bfd430db300f5f88282e09bff292af9926fb9a7771337b25ce0b1d3965ff437b
c05cfa33bd1c16cad0b9dbb60bbe03ebdb45f4c6c7bdb420f14020a7d88ebd5c
c0b18af7ffbea00e11e274d86c2c66b5c1b9e03590056625c43b4061f518f91b
c2475c81f947b477b9263a56d081e12ac4ee2e13ba9fbafca0e7f087b43fadf4
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c91c877732622b76a6d0e2b7e400b39bcde9c71eea14879a4ae8d369a940ad60
cb6afb5c51ce8c2999fce27c3ad1ff8be0f26bf71259fbffe8a76efe257eef51
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
ce38636bf68d0ff8f23cbdbb766880adde631cd0904e41433799b41a3c14199e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13cca4c7ccd4611fcbd5d78128421864167e2505534cac1b3267ce0630fb8ab
dab54bcaadf48b495943a87d7aa2225f3f5eb02a15153b0e2f5b14ff6bd4e0bd
ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de622677e7b5ca44db0124b2224df98899a99884fe22d519a7645e77e51d2a96
e2a7c5b4b1ca9564a20d81f2a80b429c5614266a9688f7a9ef1e13e69a6479e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e571f6b08e75da1916180b9003e1dbeebaeb6bd7f757035e829cd0657a70496d
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba
f2447a6647c20cded4a81d2267acc3bdc71864f0da8a9999527fce36eeb5fc8c
fa57c3f9d183c672e35364859903c259235517855e530d6707404031c7b3db97
fb5e28fdd0de7a44d791caced2ba3ee08ff0935a1eb0cb0cd2e26cbfe9eaa385
fb5fda26787e80330f7329cd8ddf24eed2fb2d89757c347743cd0ad73d3a1877
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fd4afd174f3f587276ebcee91ab7e20924b0e91aecdb1f49d7c14a98f2208019
ffd2b8d763da217d1a1e46d625386c16d1e64fd4efa57d5ecc9d3ae6e6dfc837

www.computerweekly.com Open in urlscan Pro 206.19.49.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

169 Requests

100 %HTTPS

50 %IPv6

27 Domains

47 Subdomains

51 IPs

5 Countries

2613 kBTransfer

7350 kBSize

1 Cookies

46 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.computerweekly.com Open in urlscan Pro
206.19.49.153 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

100 %
HTTPS

50 %
IPv6

27
Domains

47
Subdomains

51
IPs

5
Countries

2613 kB
Transfer

7350 kB
Size

1
Cookies

169 HTTP transactions
5 data transactions