urlscan.io logo urlscan.io
SecurityTrails logo

www.cshub.com Open in urlscan Pro
15.197.145.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
Effective URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC...
Submission: On July 06 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 5 countries across 35 domains to perform 104 HTTP transactions. The main IP is 15.197.145.235, located in United States and belongs to AMAZON-02, US. The main domain is www.cshub.com.
TLS certificate: Issued by Amazon on November 19th 2021. Valid for: a year.
This is the only time www.cshub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
4 15.197.145.235 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 142.250.185.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
8 104.75.88.126 16625 (AKAMAI-AS)
1 13.224.189.122 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
5 52.217.12.28 16509 (AMAZON-02)
8 104.92.74.202 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.35.237.151 16625 (AKAMAI-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 34.111.234.236 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.197.172.119 14618 (AMAZON-AES)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
5 54.175.196.26 14618 (AMAZON-AES)
1 18.66.122.23 16509 (AMAZON-02)
5 52.222.236.80 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 96.16.149.96 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 142.0.165.179 7160 (NETDYNAMICS)
2 185.33.220.244 29990 (ASN-APPNEX)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 151.101.2.137 54113 (FASTLY)
1 52.89.175.79 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
104 44
1    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go2.lenovo.com
4    15.197.145.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6944592cd18e7142.awsglobalaccelerator.com
www.cshub.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
8    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net
assets.pcrl.co
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
9    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
5    52.217.12.28 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
plsadaptive.s3.amazonaws.com
8    104.92.74.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-202.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2606:4700:3037::6815:52a3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.feathr.co
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.197.172.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-172-119.compute-1.amazonaws.com
in.ml314.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    54.175.196.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-196-26.compute-1.amazonaws.com
polo.feathr.co
1    18.66.122.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-23.fra60.r.cloudfront.net
marco.feathr.co
5    52.222.236.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-80.fra56.r.cloudfront.net
system.picreel.com
1    2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    96.16.149.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com
img04.en25.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    142.0.165.179 (United States)

ASN7160 (NETDYNAMICS, US)
s893759278.t.eloqua.com
2    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2a02:26f0:1700:1b1::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    52.89.175.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-175-79.us-west-2.compute.amazonaws.com
app.picreel.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 7170
c.6sc.co — Cisco Umbrella Rank: 10598
ipv6.6sc.co — Cisco Umbrella Rank: 7405
b.6sc.co — Cisco Umbrella Rank: 4734
15 KB
9 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 7221
geolocation.onetrust.com — Cisco Umbrella Rank: 766
119 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
392 KB
7 feathr.co
cdn.feathr.co — Cisco Umbrella Rank: 18897
polo.feathr.co — Cisco Umbrella Rank: 13930
marco.feathr.co — Cisco Umbrella Rank: 14357
55 KB
7 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1484
m.addthis.com — Cisco Umbrella Rank: 1421
api-public.addthis.com — Cisco Umbrella Rank: 4298
218 KB
6 picreel.com
system.picreel.com — Cisco Umbrella Rank: 112404
app.picreel.com — Cisco Umbrella Rank: 129178
33 KB
5 amazonaws.com
plsadaptive.s3.amazonaws.com — Cisco Umbrella Rank: 127636
117 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
158 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 8
23 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
www.linkedin.com — Cisco Umbrella Rank: 485
px4.ads.linkedin.com — Cisco Umbrella Rank: 5675
4 KB
4 cshub.com
www.cshub.com
3 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 2733
20 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1532
in.ml314.com — Cisco Umbrella Rank: 8141
32 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
ajax.googleapis.com — Cisco Umbrella Rank: 307
93 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 964
107 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
143 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 284
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 408
1 KB
2 eloqua.com
s893759278.t.eloqua.com — Cisco Umbrella Rank: 128821
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
315 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
4 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 412
18 KB
1 en25.com
img04.en25.com — Cisco Umbrella Rank: 14978
6 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1711
983 B
1 google.fr
www.google.fr — Cisco Umbrella Rank: 13250
548 B
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 5501
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 780
3 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 406
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
17 KB
1 pcrl.co
assets.pcrl.co — Cisco Umbrella Rank: 109899
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
5 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
24 KB
1 lenovo.com
go2.lenovo.com — Cisco Umbrella Rank: 956352
1 KB
0 adsrvr.org Failed
match.adsrvr.org Failed
104 35
Domain Requested by
8 cdn-ukwest.onetrust.com www.cshub.com
5 b.6sc.co
5 system.picreel.com assets.pcrl.co
www.cshub.com
app.picreel.com
5 polo.feathr.co www.cshub.com
5 plsadaptive.s3.amazonaws.com www.cshub.com
4 www.gstatic.com www.cshub.com
www.google.com
www.gstatic.com
4 www.google.com www.cshub.com
www.google.com
4 www.cshub.com go2.lenovo.com
www.cshub.com
3 api-public.addthis.com www.cshub.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 s7.addthis.com www.cshub.com
s7.addthis.com
3 use.fontawesome.com www.cshub.com
use.fontawesome.com
3 www.googletagmanager.com www.cshub.com
3 securepubads.g.doubleclick.net www.cshub.com
2 bam.nr-data.net www.cshub.com
2 ipv6.6sc.co www.cshub.com
2 c.6sc.co www.cshub.com
2 secure.adnxs.com www.cshub.com
2 s893759278.t.eloqua.com 1 redirects www.cshub.com
2 www.facebook.com www.cshub.com
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.cshub.com
2 ml314.com www.cshub.com
2 connect.facebook.net www.cshub.com
2 fonts.googleapis.com www.cshub.com
1 cdnjs.cloudflare.com app.picreel.com
1 ajax.googleapis.com app.picreel.com
1 app.picreel.com www.cshub.com
1 js-agent.newrelic.com www.cshub.com
1 img04.en25.com www.cshub.com
1 m.addthis.com www.cshub.com
1 v1.addthisedge.com www.cshub.com
1 stats.g.doubleclick.net www.cshub.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.fr www.cshub.com
1 ws.zoominfo.com www.cshub.com
1 marco.feathr.co www.cshub.com
1 googleads.g.doubleclick.net www.cshub.com
1 geolocation.onetrust.com www.cshub.com
1 px4.ads.linkedin.com www.cshub.com
1 www.linkedin.com 1 redirects
1 in.ml314.com www.cshub.com
1 cdn.feathr.co www.cshub.com
1 snap.licdn.com www.cshub.com
1 z.moatads.com www.cshub.com
1 j.6sc.co www.cshub.com
1 www.googleadservices.com www.cshub.com
1 assets.pcrl.co www.cshub.com
1 cdn.jsdelivr.net www.cshub.com
1 code.jquery.com www.cshub.com
1 go2.lenovo.com
0 match.adsrvr.org Failed www.cshub.com
104 52
Subject Issuer Validity Valid
go2.lenovo.com
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
www.enterprisedigi.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
assets.pcrl.co
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2020-05-21 -
2022-07-27		 2 years crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-08 -
2023-03-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-16 -
2022-07-15		 3 months crt.sh
ml314.com
GTS CA 1D4		 2022-06-23 -
2022-09-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
polo.feathr.co
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
marco.feathr.co
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
system.picreel.com
Amazon		 2021-11-27 -
2022-12-25		 a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.en25.com
DigiCert SHA2 Secure Server CA		 2021-09-14 -
2022-09-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.picreel.com
Amazon		 2021-11-27 -
2022-12-25		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Frame ID: 8EA8713F663BB5BA3850961C63A81AC1
Requests: 92 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1F9CF6DEC8386EEA5A9F18A001D86B7E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 889F483134C61F4C3125260D144D7D93
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Frame ID: C0473074BEE5D00E0CA5D6867BDA54DB
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6410317846A1ABC0752269E532C4C553
Requests: 1 HTTP requests in this frame

Frame: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Frame ID: 9A80660FC6A6BAF50DE161512E7BBD17
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Five ransomware attacks in 2022 so far you should know about | Cyber Security HubFacebookTwitterLinkedInEmailPrintAddThisBack ButtonSearch IconFilter IconFacebookTwitterLinkedInEmailPrintAddThisFacebookTwitterLinkedInEmailPrintAddThis

Page URL History Show full URLs

  1. https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs... Page URL
  2. https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-abou... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

104
Requests

96 %
HTTPS

52 %
IPv6

35
Domains

52
Subdomains

44
IPs

5
Countries

5085 kB
Transfer

8042 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU= Page URL
  2. https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D49766%26time%3D1657098693077%26url%3Dhttps%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&liSync=true&e_ipv6=AQKKLlBhFuS4DgAAAYHSx2ytBB_qG7sGUMAROxtwotg6RfjyV9zxF01WhGGh7Yvw8L2nel8
Request Chain 65
  • https://s893759278.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref2=https%3A%2F%2Fgo2.lenovo.com%2F&tzo=0&ms=880&optin=disabled HTTP 302
  • https://s893759278.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref2=https%3A%2F%2Fgo2.lenovo.com%2F&tzo=0&ms=880&optin=disabled&elqCookie=1

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
go2.lenovo.com/ 		593 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-JfqoONEyXbIZ0mLfSb/x/+PZYXYBcmf1VGtwG/xLQqQ=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
726736a41bf5ee23-CDG
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-JfqoONEyXbIZ0mLfSb/x/+PZYXYBcmf1VGtwG/xLQqQ=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Wed, 06 Jul 2022 09:11:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin
server
cloudflare
x-frame-options
SAMEORIGIN
x-request-id
e9519df3647cab9c
Primary Request five-ransomware-attacks-in-2022-so-far-you-should-know-about
www.cshub.com/attacks/articles/ 		464 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Requested by
Host: go2.lenovo.com
URL: https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.145.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6944592cd18e7142.awsglobalaccelerator.com
Software
nginx /
Resource Hash
922311ea397903e3ce2137c49bb1b69ee24bb548b9682196175f07cc8cb06b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://go2.lenovo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:11:32 GMT
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff nosniff
x-download-options
noopen
x-frame-options
sameorigin SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block 1; mode=block
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-10fdd"
vary
Accept-Encoding
x-hw
1657098692.dop222.pa1.t,1657098692.cds248.pa1.hn,1657098692.cds228.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
46c73e79835ebdf63bb9f1f56816ea9a1f4a40e5b6b0111f4fb6ef2c3f834108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28010
x-xss-protection
0
server
sffe
etag
"1265 / 293 of 1000 / last-modified: 1657096850"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Jul 2022 09:11:32 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3734990-33
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e05b54c228be898dc69492b261a41402c5efb50fa38ac4d46c6614afab487453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40360
x-xss-protection
0
expires
Wed, 06 Jul 2022 09:11:32 GMT
app_web.css
www.cshub.com/css/ 		699 KB
701 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cshub.com/css/app_web.css?id=8351a6bb57eaa82fa916
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.145.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6944592cd18e7142.awsglobalaccelerator.com
Software
nginx /
Resource Hash
626c9c4f709bcaaddb082c039d026a475f0d469d470bf6c0931e4265b3c98843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Jul 2022 13:51:24 GMT
server
nginx
etag
"62c441dc-aed37"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
716087
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 09:11:32 GMT
animate.min.css
cdn.jsdelivr.net/npm/animate.css@3.5.2/ 		52 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cshub.com/
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9244185
x-jsd-version
3.5.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-cdg20730-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"ce35-l6+hUVafBGsuAfJ8GHFkbpzYfK8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5joQQRi7%2FH%2Fg798QyfqBHkazuOojc5Vu%2F4YCCA1zebBlsjtEHfqiXNX50p6aXm4wuuy2xVOBeKulqtQ2xcf%2BRIXPLFm%2FzDnYO4QUfYAQ0aCWEwo42FDBOodbQoLaMnUJSB2vgpMuM%2B%2FdcRjkdjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
726736ac3fd10476-CDG
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.cshub.com/
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11921063
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GJZRQ1NSKME6MB6J
x-amz-id-2
a4dTPBHOdLCYXeEw6cgbfZiCJHdYZbmUmwbopb345qPUKoDrmoBpmBqRMnykV8m5prBXN3m1SWI=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJJ1NRNtFrerOzRrojGl4kShZUJRUxk1ta7zji1P%2B%2BwSVgm%2BIKYypmH5V%2ByH6fi6cZmyLr0o6Tqhj6Q6JMRXGE8l7V1GgbBmTQ5KTZmbgppM0Z9VjHwwtPKmxmmXY6t%2BAUdAs8R3ennuCrajvBK9d9DK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
726736ac585d40cf-CDG
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 06 Jul 2022 09:11:32 GMT
x-host
s7.addthis.com
content-length
116379
jstracker.min.js
assets.pcrl.co/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pcrl.co/js/jstracker.min.js?geo=1
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-122.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
ILWpFNHKyzE1o_od3IQyxMI3qjjCp8cy
Content-Encoding
gzip
ETag
"3b9aad01eeeb35815f6d1641a4650d6c"
Age
5276
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1356
Last-Modified
Thu, 16 May 2019 15:18:55 GMT
Server
AmazonS3
Date
Wed, 06 Jul 2022 07:45:13 GMT
Content-Type
application/javascript
Via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
nE8iexAIoblPYh-r9hPgjmTMIi47Fo-9DN-LF89rsOpNdiJ6PfwVAw==
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2e663c90d0791ce7c3c8e6f128f4235e27136aaedf47da80a37b30ea30a6f3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
server
cafe
etag
9991687517519860934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:11:33 GMT
OtAutoBlock.js
cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/OtAutoBlock.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117057216d5fd2c1556691fc2f45c0868e2a51c40cceed495b3ba4918a21dcbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
E0Q1Ptg04ArECa0GOr1/gg==
age
6482
content-length
1830
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 18:01:26 GMT
server
cloudflare
etag
0x8D9F62D581F441A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b9ee5af0-201e-0031-51cd-8c7f4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736ac4ed899e5-CDG
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
jaQOgzI9+ZkWZRPB/GIusQ==
age
7086
content-length
6921
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jun 2022 20:20:00 GMT
server
cloudflare
etag
0x8DA548C9562B5AE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
847d33b1-e01e-002c-5ccd-8ca6a6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736ac4edc99e5-CDG
expires
Wed, 06 Jul 2022 13:11:32 GMT
cshub-logo-lg_1.png
plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/cshub-logo-lg_1.png
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
26638ae0340d7728d6ce89bd9d70d323400d22363d021426c007f3e172a0d566

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:34 GMT
Last-Modified
Wed, 21 Nov 2018 19:59:50 GMT
Server
AmazonS3
x-amz-request-id
NRK08N3DMQWAK20G
ETag
"4c74827af08c1b02b8751c7700c34f59"
Content-Type
image/png
x-amz-version-id
qPE5jO6aLXhbGvBRl2dLAndhIlaMB99z
Accept-Ranges
bytes
Content-Length
13898
x-amz-id-2
HtkGjLsmXOM+ICh5pFJkWnRvRA6ONUxsqMy7NONycy476ox/Voso+JfNdoZWku8pugy98sstgKM=
app_web.js
www.cshub.com/js/ 		2 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cshub.com/js/app_web.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.145.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6944592cd18e7142.awsglobalaccelerator.com
Software
nginx /
Resource Hash
1413250a670f7082e8f76a5a848d1a24dd1d5f6029639b3dbf43bd35884da6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Jul 2022 13:51:24 GMT
server
nginx
etag
"62c441dc-27f85c"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2619484
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 09:11:32 GMT
gtm.js
www.googletagmanager.com/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBSLLHZ
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d2032ccb439f7c7d45a1730cca79e03165aac361ccf42146db7d3b3837061d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34763
x-xss-protection
0
expires
Wed, 06 Jul 2022 09:11:33 GMT
6si.min.js
j.6sc.co/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9715
Pragma
no-cache
Last-Modified
Thu, 05 May 2022 03:45:17 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6273484d-7b02"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 06 Jul 2022 09:11:33 GMT
pubads_impl_2022063001.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068311
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 07:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130816
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 06 Jul 2023 07:07:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		35 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cshub.com
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0cbfdf04b7ae1d0a0976be464492abc4f7552c4c6c46fb296289e7e55bf2da2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Jul 2022 09:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
expires
Wed, 06 Jul 2022 09:11:32 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/css/app_web.css?id=8351a6bb57eaa82fa916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85a93a93f30f3ad5c2ffe2cb090c08173e725870f83a7af9c140659dcfe20293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 08:31:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 09:11:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 09:11:32 GMT
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:300,400,500,600,700,800,900
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/css/app_web.css?id=8351a6bb57eaa82fa916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=26463
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=58521
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
boomerang.min.js
cdn.feathr.co/js/ 		178 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feathr.co/js/boomerang.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:52a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6847075a7d6c774a99989f77472cf635e12e7d005795d626480732b9f49e360

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5C4V13810TH2B5XC
x-amz-id-2
JwTBldokM0UA0mMo+8Qs4nBc84RMmuysfHlZY8QA9tpYbO4nsSaLBkBd6gAgp/prCxac69dyq4M=
last-modified
Mon, 23 May 2022 14:40:33 GMT
server
cloudflare
etag
W/"248dc70bdbd776d19e245e6a5bd0da7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bgwpyszrxh2q6VmB48DNteuUjneirggDuTmIKzxsu%2B1pzYJbUrML8BYxsJ%2F9JTCocBV2QIPCOy5mnBNIE5AVBU7M8zDegPiz4vEYhzJiFGhtyPgmrSziiW5yE8AgrEPKsi%2Fmg1QouC%2BwsWFt"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
726736af7e4732b2-CDG
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
NNKn3kQtKZnvWg1MKizgY0X8cE86xG+D0ADkPrZP6RQtEv6oHRVSPkHo7aa1c6jd9raUJnnxtjG+q01Y+cA4xQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 06 Jul 2022 09:11:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.aspx
ml314.com/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?662022
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:39:20 GMT
age
1933
x-guploader-uploadid
ADPycdvPpliWXp0cJt-qEU25vY0xT_CxGIXos6oumwzbkB-XDMcyOdKuty0TtNhZL3Ze_vt9ZPP4V984INs2X8iNqIMVPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32025
last-modified
Mon, 04 Apr 2022 15:43:44 GMT
server
UploadServer
cache-control
public,max-age=3600
etag
"25b1f355dd487bdf5381a749056080c4"
x-goog-hash
crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation
1649087024620619
cache-id
PAR-31976c84
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
bytes
content-type
application/javascript
f3087b92-acdd-4c38-8d44-dd965cf5e355.json
cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/f3087b92-acdd-4c38-8d44-dd965cf5e355.json
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455cfba4ecbc088292018637ad2017491f16404d25858abf8e5a078f171ca476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
cvt1zlQnZZZxDObKj49Tlg==
content-length
1577
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 18:01:26 GMT
server
cloudflare
etag
0x8D9F62D5811FEC9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
850a1bcf-501e-0035-7bcd-8c8ace000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736af5e1908a3-CDG
truncated
/ 		330 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
793d351cc866196d17887ea6ef5ff0ea5458cb2e88a7e73e92c43ec0dcdb6285

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 19:26:32 GMT
x-content-type-options
nosniff
age
567901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:53:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:26:32 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4471257
cf-ray
726736af4dd799a2-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
GSiwoNzkgrm5/BpIVqetJTebmCai++GykFhsoJAtjU0m0ArqWuCOZfg17kfarrAMyFukdF2jEnA=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I71UFiQIjc3S%2BPLnOIckiSt%2BXL7l2qjNXebzd0Cnjn6gPOeVZgNPGYu8nu8cmXgvH5i1mD4okK7ynk%2BUL6vXaVVsEKhYwdCy9K%2BjjN92Ea%2F8SA60HL8PNowBGP4TxOw%2B4Q%2FiC03kCgwVd32VmVPcDrXl"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
CN2VH72XBSCQSY6Z
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11150308
cf-ray
726736af7e3e99a2-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
7sF1tJ1+W4g1qRTy4CxvTqgMQYxWkGg7wWURIpTOphJeFxcQBoSm47pmEtKV/ZZqvF05VmDJBs0=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFR9Y0YNuqpx5nv154WcNkTaJl8sTjk3BqMLdZqiNjjc4SVOMzHCP5icJanP%2BMpQAxFFwSzjsri3an9fXU8nh6OjC2BQRCyMoWN4EQBjz8ctd0MczzO%2FxHeVfTHdfZvwSYWSIboVKbiQkWroRBy4BsTm"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
9Y1NTABMQZQZ2EER
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
404
date
Wed, 06 Jul 2022 09:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 06 Jul 2022 11:04:49 GMT
utsync.ashx
ml314.com/ 		62 B
81 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=82660&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pv=1657098693053_qatz81u1m&bl=en-us&cb=5658228&return=&ht=&d=&dc=&si=1657098693053_qatz81u1m&cid=Cyber%20Security%20Hub-%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about&s=1600x1200&rp=https%3A%2F%2Fgo2.lenovo.com%2F&v=2.5.1.2
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:32 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=662022&v=2.5.1.2
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.172.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-172-119.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:32 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Thu, 07 Jul 2022 09:11:33 GMT
697992860269740
connect.facebook.net/signals/config/ 		291 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/697992860269740?v=2.9.64&r=stable
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e45bc36be23edeebd5e86f8edfbf5e80800784c4524b7b8cfac39770b05b84fd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
VoKsOwS0Ch5FzeY0qIVqkdPi+RMCth5Jh5D50lOWC6x3o2omp2HF6Oesc011216Gi6cRowi/SHofXQFBfe7J1A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 06 Jul 2022 09:11:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1657098693223
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D49766%26time%3D1657098693077%26url%3Dhttps%253A%252F%252Fwww.cshub.com%252Fattack...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmk...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&liSync=true&e_ipv6=AQKKLlBhFuS4DgAAAYHSx2ytBB_qG7sGUMAROxtwotg6RfjyV9zxF01WhGGh7Yvw8L2nel8
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 66E7B8C5DC0541E3BEAF4647E5E7094D Ref B: LON212050703053 Ref C: 2022-07-06T09:11:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjH1sDPd34L4Z25iocsw==
x-li-fabric
prod-lva1

Redirect headers

date
Wed, 06 Jul 2022 09:11:33 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8BC79EC27C43441AAF74BBC6234B1873 Ref B: AMSEDGE1012 Ref C: 2022-07-06T09:11:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=49766&time=1657098693077&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&liSync=true&e_ipv6=AQKKLlBhFuS4DgAAAYHSx2ytBB_qG7sGUMAROxtwotg6RfjyV9zxF01WhGGh7Yvw8L2nel8
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjH1sATgpXW3A0mSG0yQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		181 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efdafb12c6472fe49ae4fb599ec177e4f083cb1f6e357c6afb1158a26c28e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.cshub.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
726736afdec908a3-CDG
access-control-allow-headers
Content-Type
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064507893/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064507893/?random=1657098693098&cv=9&fst=1657098693098&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref=https%3A%2F%2Fgo2.lenovo.com%2F&tiba=Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8b9abe4878dd0b411fad1099ba81e274f6c375942b1b3100bc77f1b99e5587c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrations
polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/ 		42 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/integrations
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.196.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-196-26.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
42
refresh
marco.feathr.co/v1/ 		43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marco.feathr.co/v1/refresh
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-23.fra60.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
683dfc8a-ae11-4477-aa1e-12753900b38d
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62c551c5-448d264a5ccaadbe4ad33838;Sampled=0
x-cache
Miss from cloudfront
x-amz-apigw-id
U1m23HNnIAMFWvw=
content-length
43
x-amz-cf-id
V1Y_1rrEb8J16gXgGrnD9XdXp8urPxxmlPjVDaYPqE6kmdmjvnKhUg==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key
blocked_sites.js
system.picreel.com/js/ 		281 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/blocked_sites.js
Requested by
Host: assets.pcrl.co
URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
tBnfWhrOfFymnPiDm.89fw0yzvTPUS4E
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 May 2019 05:28:18 GMT
Server
AmazonS3
Age
3943
ETag
"cfe5c6de5d18b2265cc2f986399af585"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 06 Jul 2022 08:06:15 GMT
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
Content-Length
281
X-Amz-Cf-Id
V6HEXD_vnttzIpiXDNnuhxAimkkjeONildDzJqSUJkjWT5l8lXr3iQ==
js
www.googletagmanager.com/gtag/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-92LEFJD17H&l=dataLayer&cx=c
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1ebf28d92bfd1ca5e0125f8a6179abf451a742e531334dde50c61ce9b909d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71189
x-xss-protection
0
expires
Wed, 06 Jul 2022 09:11:33 GMT
62c2c4765c57d10090d6e345
ws.zoominfo.com/pixel/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/62c2c4765c57d10090d6e345
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7d1cf6a82d5551f0ec3e18098208f40a31dba7d94c865f5444a4dbed9445965a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
726736b0c9d040cf-CDG
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via
1.1 google
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.29.0/ 		326 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.29.0/otBannerSdk.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de85ba404ac743bd5b7119b9a5dcad583fc9868f530e009e6b281bc1182023b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
dyhe7y2enj8bR8NtKm1KVA==
age
6547
content-length
79402
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jan 2022 21:31:18 GMT
server
cloudflare
etag
0x8D9D549B4923C9F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3c0ed031-401e-0003-4bcd-8c279c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736b0796c99e5-CDG
expires
Wed, 06 Jul 2022 13:11:33 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1057989136&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&dr=https%3A%2F%2Fgo2.lenovo.com%2F&ul=en-us&de=UTF-8&dt=Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1561368804&gjid=256836059&cid=603532503.1657098693&tid=UA-3734990-33&_gid=345788951.1657098693&_r=1&gtm=2ou6t0&z=1547752681
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cshub.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cshub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1064507893/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1064507893/?random=1657098693098&cv=9&fst=1657098000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref=https%3A%2F%2Fgo2.lenovo.com%2F&tiba=Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub&fmt=3&is_vtc=1&random=2199453987&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/1064507893/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/1064507893/?random=1657098693098&cv=9&fst=1657098000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref=https%3A%2F%2Fgo2.lenovo.com%2F&tiba=Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub&fmt=3&is_vtc=1&random=2199453987&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/c31d6979-9fca-4221-8652-07dceb62f775/ 		53 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/f3087b92-acdd-4c38-8d44-dd965cf5e355/c31d6979-9fca-4221-8652-07dceb62f775/en.json
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af6648007fdbfed0c265918e8e86bfcae010029cca50ab22cc370c7c73979e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
koSjhoFJJUBJtHMXaYagZA==
content-length
10770
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 18:01:33 GMT
server
cloudflare
etag
0x8D9F62D5C5761B1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3424f26e-e01e-004a-76da-8c14fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736b10ff508a3-CDG
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-92LEFJD17H&gtm=2oe6t0&_p=1057989136&_z=ccd.v9B&cid=603532503.1657098693&ul=en-us&sr=1600x1200&_s=1&sid=1657098693&sct=1&seg=0&dl=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&dr=https%3A%2F%2Fgo2.lenovo.com%2F&dt=Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92LEFJD17H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cshub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		852 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b0a3f2ce05a7a9b19c0e6dc3cb4d3aea3f67752e51655c14d7fcfaa3acd8f49
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 06 Jul 2022 09:11:33 GMT
comments
www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about/comments
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.145.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6944592cd18e7142.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-NewRelic-ID
VgQCWFJTCBABUVdUDgYDVFMF
X-XSRF-TOKEN
eyJpdiI6ImVmdnNIVVlBaTdVSzYxM3ZweC9xQVE9PSIsInZhbHVlIjoiaHgzM1ZBSE94aWppOEZLNVU5R3pDR3dWamI4TUZKL1hva3J1MFJnRjNCcE9kbGlBQlRKMDJZWFJiK0V4dGdXSlpVamEvQ0JVUTEwWGM3am5pRG9FK1FFMEJtWkxKNTBzbVdBdTBYZHpwWVk0Y0RXY25SOXEvRE9kbnNaelY0VG8iLCJtYWMiOiIzN2RlNDM5Y2RiNGViMDIyYTI0MWE5NDNjMzNhNmZlNzA5ODI4Y2Y1NDFlZjY3OTJhYzMyYWJhMzIzZmQyYWI1IiwidGFnIjoiIn0=
tracestate
2259400@nr=0-1-2259400-1588686057-9e598f7166c12041----1657098693657
traceparent
00-d7b717aa8b931670271ae312a6687cf5-9e598f7166c12041-01
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIyNTk0MDAiLCJhcCI6IjE1ODg2ODYwNTciLCJpZCI6IjllNTk4ZjcxNjZjMTIwNDEiLCJ0ciI6ImQ3YjcxN2FhOGI5MzE2NzAyNzFhZTMxMmE2Njg3Y2Y1IiwidGkiOjE2NTcwOTg2OTM2NTd9fQ==
Accept
application/json, text/plain, */*
Referer
https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
sameorigin, SAMEORIGIN
content-type
application/json
x-permitted-cross-domain-policies
none
cache-control
no-cache, private
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block, 1; mode=block
x-content-type-options
nosniff, nosniff
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3734990-33&cid=603532503.1657098693&jid=1561368804&gjid=256836059&_gid=345788951.1657098693&_u=YEBAAUAAAAAAAC~&z=761797630
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cshub.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 06 Jul 2022 09:11:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.cshub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
jstracker.content.min.js
system.picreel.com/js/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/jstracker.content.min.js?geo=1
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9a0b443fd4e86d9f0178db08c1e3a65c791fa5ecbc26579fc0eb907f34b6250

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
la3grxHRz0BLQ5fUsE9oHErs9Vn8VhH7
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 21 Mar 2022 07:04:03 GMT
Server
AmazonS3
Age
16511
ETag
W/"5b2a94eca166dad85ec3550e822b973e"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Wed, 06 Jul 2022 04:36:22 GMT
X-Amz-Cf-Pop
FRA56-P4
X-Amz-Cf-Id
WfCfjn8KNTYddI6orCWV6iX9B7iTH4QpZzhsVpsDE2tBvO1V6womPw==
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=697992860269740&ev=PageView&dl=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&rl=https%3A%2F%2Fgo2.lenovo.com%2F&if=false&ts=1657098693755&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657098693753.1607750255&it=1657098693068&coo=false&rqm=GET
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 06 Jul 2022 09:11:33 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-58c98c10e9fe273b/ 		3 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-58c98c10e9fe273b/_ate.track.config_resp
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c329a7f550d3ad4da104c51683286040480bf8e8d1922c7e825df1cd03b8b90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
etag
1989098345--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=26, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
807
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=62c551c443c61d7c&bkl=0&bl=1&pdt=882&sid=62c551c443c61d7c&pub=ra-58c98c10e9fe273b&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.cshub.com&dr=go2.lenovo.com&fp=attacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=Ransomware%2Cransomware%20attack%2CPuma%2CBridgestone%2CLapsus%24%2CKronos%2CEncryption%2Cdata&colc=1657098693780&jsl=1&uvs=62c551c4820cc845000&skipb=1&callback=addthis.cbs.jsonp__75774585877860630
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
edcc2177610e3a04918619aa2f73e96c2d0d491974a4223ccce0d11dd8d4fdc5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:33 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1F9C 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 889F 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.cshub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Wed, 06 Jul 2022 09:11:33 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
elqCfg.min.js
img04.en25.com/i/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img04.en25.com/i/elqCfg.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-149-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
application/x-javascript
Last-Modified
Wed, 22 Jun 2022 13:18:58 GMT
ETag
"7795cda13a86d81:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
Date
Wed, 06 Jul 2022 09:11:33 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
6080
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Jul 2022 09:11:33 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/otFlat.json
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
y712byf6x8Sf9hnOqWH0Sg==
content-length
2960
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jan 2022 21:31:07 GMT
server
cloudflare
etag
0x8D9D549AE105F8A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b36ca826-b01e-003f-3acd-8c9347000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736b45c9908a3-CDG
expires
Wed, 06 Jul 2022 13:11:33 GMT
otPcPanel.json
cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/v2/ 		48 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/v2/otPcPanel.json
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102fc165e1134e9b3e0f6cc776a94f4e2591d5aa6a44373a306aa96d1404855f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
i43LxoH0+TrmZxMj/OesLQ==
content-length
11464
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jan 2022 21:31:10 GMT
server
cloudflare
etag
0x8D9D549AFB33DDA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5a0c5166-d01e-0060-78da-8c61b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726736b45c9b08a3-CDG
expires
Wed, 06 Jul 2022 13:11:33 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.29.0/assets/otCommonStyles.css
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 09:11:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jan 2022 21:31:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7550e2bf-d01e-0049-56cd-8c17fb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
726736b45c9d08a3-CDG
expires
Wed, 06 Jul 2022 13:11:33 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		367 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__fr.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe701bcbc7162712ec93fa8b5007964098d60957ee42c0c25d5454ff35a31e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cshub.com/
Origin
https://www.cshub.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147852
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 08:10:30 GMT
script.js
polo.feathr.co/v1/analytics/match/ 		290 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1657098693808
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.196.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-196-26.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
e23d2195bceec70f370c4959842cc9a67017fc3d19ce0a46be41917fa435c1a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:34 GMT
content-encoding
gzip
server
nginx/1.17.8
etag
W/"62c551c586fbd10009ebb0d2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
pixel.js
polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/ 		32 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/pixel.js?pk=feathr
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.196.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-196-26.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:34 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=14400
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
32
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 06 Jul 2022 09:11:33 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
svrGP.aspx
s893759278.t.eloqua.com/visitor/v200/
Redirect Chain
  • https://s893759278.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_t...
  • https://s893759278.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3F...
49 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s893759278.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref2=https%3A%2F%2Fgo2.lenovo.com%2F&tzo=0&ms=880&optin=disabled&elqCookie=1
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Server
142.0.165.179 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
image/gif
Date
Wed, 06 Jul 2022 09:11:34 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-Xss-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Wed, 06 Jul 2022 09:11:34 GMT
X-Robots-Tag
noindex, nofollow
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
https://s893759278.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&ref2=https%3A%2F%2Fgo2.lenovo.com%2F&tzo=0&ms=880&optin=disabled&elqCookie=1
Cache-Control
no-store
Content-Type
text/html; charset=utf-8
Content-Length
561
X-Xss-Protection
1; mode=block
Expires
-1
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.cshub.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about
last-modified
Wed, 06 Jul 2022 09:00:00 GMT
server
nginx/1.15.8
date
Wed, 06 Jul 2022 09:11:34 GMT
content-type
application/json
access-control-allow-origin
https://www.cshub.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		34 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about&callback=_ate.cbs.rcb_9l0j0
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
734bb9a8eba211118b8e87f554bf19071d8692762038064a466bb50d3d15efa1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about
last-modified
Wed, 06 Jul 2022 09:11:34 GMT
server
nginx/1.15.8
date
Wed, 06 Jul 2022 09:11:34 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
shares.json
api-public.addthis.com/url/ 		34 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about&callback=_ate.cbs.rcb_6gd40
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ce33bbc71f7acfabe853a25fb665c138922b5ba77f88a655ee2ef7f7ca0b9a9a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about
last-modified
Wed, 06 Jul 2022 09:11:34 GMT
server
nginx/1.15.8
date
Wed, 06 Jul 2022 09:11:34 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
anchor
www.google.com/recaptcha/api2/ Frame C047 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59a1c8c961f38f90aaf7651abdbd792ac4c08c30e45201f37fecba57b3fd1c87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZX7lcVJxt-M1TazLXsE_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cshub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21999
content-security-policy
script-src 'report-sample' 'nonce-ZX7lcVJxt-M1TazLXsE_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Jul 2022 09:11:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ 		0
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C047 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jul 2023 09:05:01 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C047 		367 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe701bcbc7162712ec93fa8b5007964098d60957ee42c0c25d5454ff35a31e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147852
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 08:10:30 GMT
/
www.facebook.com/tr/ Frame 6410 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.cshub.com
Referer
https://www.cshub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.cshub.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 06 Jul 2022 09:11:34 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C047 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
480685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Jul 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C047 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 11:18:05 GMT
x-content-type-options
nosniff
age
78809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C047 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
51106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C047 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77721638bbe1b10c95e415dcea9db0325d108345174f9b0a6aeb75405b46e9dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1-yIeAAAAAOht7n0QE91ZQwEw2o5s2P21Jsbp&co=aHR0cHM6Ly93d3cuY3NodWIuY29tOjQ0Mw..&hl=fr&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7oa5d12a3tmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Wed, 06 Jul 2022 09:11:34 GMT
getuidj
secure.adnxs.com/ 		11 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 09:11:35 GMT
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
de873f23-99c4-46f2-aaa2-28f6939b9d8d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cshub.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		47 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3c49f0d14032c4ef837e96a9ef8e2c48d99273d09a2e82981bb6983e38a04c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:35 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.cshub.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
/
ipv6.6sc.co/ 		19 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b1::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ccb68422a1e82aa776b318fa67c247f51dd6e4df655def91479bd6d7ebd67a28

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:35 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.cshub.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:41d0:d:364d::7
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
19
expires
Wed, 06 Jul 2022 09:11:35 GMT
getuidj
secure.adnxs.com/ 		11 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 09:11:35 GMT
X-Proxy-Origin
178.33.144.177; 178.33.144.177; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f2e61320-3022-4f67-92f1-722c056178ab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cshub.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		47 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3c49f0d14032c4ef837e96a9ef8e2c48d99273d09a2e82981bb6983e38a04c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:35 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.cshub.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
/
ipv6.6sc.co/ 		19 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b1::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ccb68422a1e82aa776b318fa67c247f51dd6e4df655def91479bd6d7ebd67a28

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 09:11:35 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.cshub.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:41d0:d:364d::7
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
19
expires
Wed, 06 Jul 2022 09:11:35 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
DVZKJKT9VP6NDZB2
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
5lHwkYS3hCOFnVAfuSCVTZdLpPNEP34fG1a5I2b5gu/1sgkZZnzGCrEVRykB27yIf4OPzQpZ3xs=
x-served-by
cache-cdg20759-CDG
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1657098695.475169,VS0,VE0
date
Wed, 06 Jul 2022 09:11:35 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7668
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
crystel_profile_picture2ZbByHD4bu1sW5UWZom6uVnfzhD1UBetlA9E2f1K.jpg
plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/crystel_profile_picture2ZbByHD4bu1sW5UWZom6uVnfzhD1UBetlA9E2f1K.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f54856e8508e92d3acbf997238745525d4b06c69b485aea50710cac890049c8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 06 Jul 2022 09:11:36 GMT
Last-Modified
Thu, 07 Apr 2022 16:58:47 GMT
Server
AmazonS3
x-amz-request-id
67KRMQ4RD69C0QZW
ETag
"21ae425dc3635210b92f123179fbe1e8"
x-amz-version-id
Zw48fQHHs4e0jIfPrbYeTRSKGuWP2Zci
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
30003
x-amz-id-2
Uih9smeUbAddLQqdRU3xgKFUM5VTAc4keDMS8SrJMWlDYWFmyPiicvfhC+FxhPPO7Q+rZ0f4MnM=
ransomare_attack_logoTgMWljyUbJdEl0yYWF95PCODh2zZmEIbg7dUbm3t.jpg
plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ransomare_attack_logoTgMWljyUbJdEl0yYWF95PCODh2zZmEIbg7dUbm3t.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a359db93480a3e8983db5dd4b437c7a2632a6d09ea4c26ba8f568aea9ca3dec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 06 Jul 2022 09:11:36 GMT
Last-Modified
Wed, 20 Apr 2022 11:44:56 GMT
Server
AmazonS3
x-amz-request-id
67KNZY285V8R5VFR
ETag
"cd5b49dbd5ebb1239979bbc22810cea4"
x-amz-version-id
wGsejnyc_RghLwUTMKqMdpVG1JHEaSOf
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
21791
x-amz-id-2
VZ75tz4u0DX791swnss+75Zh/G+TBsdGauIzJWb5817WKNlly4H27L6J3vNUwuB0Ls5aphPDPiM=
pixel.js
polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/integrations/facebook/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5850143e7c1fea34ebb31cca/integrations/facebook/pixel.js?pk=feathr
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.196.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-196-26.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:35 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
0
cd.min.js
system.picreel.com/js/ 		947 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/cd.min.js
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
n_c1cIpGEJcZhJ9hIDMWj._AdYJJJMpt
Content-Encoding
gzip
ETag
"6db0367a3eaf0edafdc6fd27eeb4cc14"
Age
2087
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
447
Last-Modified
Tue, 14 May 2019 05:30:06 GMT
Server
AmazonS3
Date
Wed, 06 Jul 2022 08:36:49 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
X-Amz-Cf-Id
2sewULyEUAuuTTz-tmyMkCIRbOGKYLWD39sy3Bo1PsD4XsWg0DHatg==
get_template
app.picreel.com/api/ Frame 9A80 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.175.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-175-79.us-west-2.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash
4589610f3eb06f1154e157b64246a1800b02914250499288dd7c0992c3e985d4

Request headers

Referer
https://www.cshub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2303
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 09:13:36 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.21
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7bc85f9e154663454b5cb279cc5649c5&svisitor=null&session=9ca5702d-b76d-4a33-85df-e70765cb2fcc&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A33%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20about%20some%20of%20the%20biggest%20ransomware%20attacks%20that%20have%20happened%20in%202022%20and%20how%20your%20organization%20can%20stay%20protected%20against%20such%20attacks%22%2C%22keywords%22%3A%22Ransomware%2C%20ransomware%20attack%2C%20Puma%2C%20Bridgestone%2C%20Lapsus%24%2C%20Kronos%2C%20Encryption%2C%20data%22%2C%22title%22%3A%22Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub%22%7D&cb=&r=https%3A%2F%2Fgo2.lenovo.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pageViewId=cc95eaf0-c7ff-4cf4-8264-e4fe52cb320b&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:35 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
02890c57eb
bam.nr-data.net/1/ 		49 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/02890c57eb?a=1566974274&v=1216.487a282&to=ZwBTMhYDWREHU0cKXl5KcAUQC1gMSUBcEEVvAVQSBQtb&rst=3925&ck=1&ref=https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about&ap=436&be=900&fe=3842&dc=2189&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1657098691576,%22n%22:0,%22f%22:2,%22dn%22:3,%22dne%22:46,%22c%22:46,%22s%22:65,%22ce%22:232,%22rq%22:232,%22rp%22:775,%22rpe%22:857,%22dl%22:874,%22di%22:2188,%22ds%22:2188,%22de%22:2210,%22dc%22:3836,%22l%22:3841,%22le%22:3855%7D,%22navigation%22:%7B%7D%7D&fp=1438&fcp=1438&at=S0dQRF4ZSh8%3D&jsonp=NREUM.setToken
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:35 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
726736bf39273b61-CDG
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7bc85f9e154663454b5cb279cc5649c5&svisitor=null&session=9ca5702d-b76d-4a33-85df-e70765cb2fcc&event=ipv6&q=%7B%22address%22%3A%222001%3A41d0%3Ad%3A364d%3A%3A7%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20about%20some%20of%20the%20biggest%20ransomware%20attacks%20that%20have%20happened%20in%202022%20and%20how%20your%20organization%20can%20stay%20protected%20against%20such%20attacks%22%2C%22keywords%22%3A%22Ransomware%2C%20ransomware%20attack%2C%20Puma%2C%20Bridgestone%2C%20Lapsus%24%2C%20Kronos%2C%20Encryption%2C%20data%22%2C%22title%22%3A%22Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub%22%7D&cb=&r=https%3A%2F%2Fgo2.lenovo.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pageViewId=cc95eaf0-c7ff-4cf4-8264-e4fe52cb320b&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:35 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
crystel_profile_picture2ZbByHD4bu1sW5UWZom6uVnfzhD1UBetlA9E2f1K.jpg
plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/crystel_profile_picture2ZbByHD4bu1sW5UWZom6uVnfzhD1UBetlA9E2f1K.jpg
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/js/app_web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f54856e8508e92d3acbf997238745525d4b06c69b485aea50710cac890049c8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 06 Jul 2022 09:11:36 GMT
Last-Modified
Thu, 07 Apr 2022 16:58:47 GMT
Server
AmazonS3
x-amz-request-id
67KXA2Q915DJWVY9
ETag
"21ae425dc3635210b92f123179fbe1e8"
x-amz-version-id
Zw48fQHHs4e0jIfPrbYeTRSKGuWP2Zci
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
30003
x-amz-id-2
vLr+1cJ0sYr7rlg8dS+A8dpKAHokiBO7++T3OPcC3N1L41GBCDZ04Tcfo+I6HfiUgfM/Uzdesfk=
ransomare_attack_logoTgMWljyUbJdEl0yYWF95PCODh2zZmEIbg7dUbm3t.jpg
plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plsadaptive.s3.amazonaws.com/eco/images/channel_content/images/ransomare_attack_logoTgMWljyUbJdEl0yYWF95PCODh2zZmEIbg7dUbm3t.jpg
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/js/app_web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a359db93480a3e8983db5dd4b437c7a2632a6d09ea4c26ba8f568aea9ca3dec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 06 Jul 2022 09:11:36 GMT
Last-Modified
Wed, 20 Apr 2022 11:44:56 GMT
Server
AmazonS3
x-amz-request-id
67KQCECS9THWFS9Y
ETag
"cd5b49dbd5ebb1239979bbc22810cea4"
x-amz-version-id
wGsejnyc_RghLwUTMKqMdpVG1JHEaSOf
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
21791
x-amz-id-2
9ZcvgWDyk0FN3GANEZHmKxkm/Qvlc1HOwNN9FJp9V3UDbqe7ZUkH9ep9MuflR8npIeWFADgCGnk=
02890c57eb
bam.nr-data.net/events/1/ 		24 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/02890c57eb?a=1566974274&v=1216.487a282&to=ZwBTMhYDWREHU0cKXl5KcAUQC1gMSUBcEEVvAVQSBQtb&rst=4270&ck=1&ref=https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about
Requested by
Host: www.cshub.com
URL: https://www.cshub.com/attacks/articles/five-ransomware-attacks-in-2022-so-far-you-should-know-about?mkt_tok=MTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.cshub.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 06 Jul 2022 09:11:36 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.cshub.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
726736c11d4c3b61-CDG
Content-Length
24
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7bc85f9e154663454b5cb279cc5649c5&svisitor=2d58655f7f1e0000c551c5622f000000e9bc1100&session=9ca5702d-b76d-4a33-85df-e70765cb2fcc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A33%20GMT%22%2C%22timeSpent%22%3A%223327%22%2C%22totalTimeSpent%22%3A%223327%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20about%20some%20of%20the%20biggest%20ransomware%20attacks%20that%20have%20happened%20in%202022%20and%20how%20your%20organization%20can%20stay%20protected%20against%20such%20attacks%22%2C%22keywords%22%3A%22Ransomware%2C%20ransomware%20attack%2C%20Puma%2C%20Bridgestone%2C%20Lapsus%24%2C%20Kronos%2C%20Encryption%2C%20data%22%2C%22title%22%3A%22Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub%22%7D&cb=&r=https%3A%2F%2Fgo2.lenovo.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pageViewId=cc95eaf0-c7ff-4cf4-8264-e4fe52cb320b&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:36 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 9A80 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: app.picreel.com
URL: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.picreel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 04:16:13 GMT
x-content-type-options
nosniff
age
17723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93100
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 04:16:13 GMT
json3.min.js
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame 9A80 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js
Requested by
Host: app.picreel.com
URL: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.picreel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2277202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3209
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec9-1fd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7ClqRMr%2FDVbNrjnlbS7D%2FE7Iq5pYMU0Sc4TOyDpI0VTQcP8%2F0oECzy4GHbDY1M9w%2BSZRahi2IX3ZVCxNO5ePG7IxfrZOO3C7%2Fj%2FLv7cb4k4ebRY2yNuskmu5T8pJFcDDpzrClz6Ze9nyYVIJFlCe0rW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
726736c7ed0a0814-CDG
expires
Mon, 26 Jun 2023 09:11:36 GMT
cd.min.js
system.picreel.com/js/ Frame 9A80 		947 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/cd.min.js
Requested by
Host: app.picreel.com
URL: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.picreel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
n_c1cIpGEJcZhJ9hIDMWj._AdYJJJMpt
Content-Encoding
gzip
ETag
"6db0367a3eaf0edafdc6fd27eeb4cc14"
Age
2088
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
447
Last-Modified
Tue, 14 May 2019 05:30:06 GMT
Server
AmazonS3
Date
Wed, 06 Jul 2022 08:36:49 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
X-Amz-Cf-Id
kEMluXJtafYvtbY9PS__e-rlJjxcWxqb7miNzROL8zIZyG_3smX9lw==
api.min.js
system.picreel.com/js/ Frame 9A80 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/api.min.js
Requested by
Host: app.picreel.com
URL: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.cshub.com%252Fattacks%252Farticles%252Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%253Fmkt_tok%253DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&source_host=https%253A%252F%252Fwww.cshub.com&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F103.0.5060.53%2520Safari%252F537.36&referrer=https%3A%2F%2Fgo2.lenovo.com%2F&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91b97bf39d59ed0cf4a7016a7acfd0a75a56d74f29238aebf272710ca4683aaf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.picreel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
oHQtU7D4N.Fa57349iQIbcMMpIBCcBrT
Content-Encoding
gzip
ETag
"a8ce200ae7b4d05f7ef0b1fc9576c787"
Age
15101
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4208
Last-Modified
Wed, 16 Sep 2020 12:18:36 GMT
Server
AmazonS3
Date
Wed, 06 Jul 2022 05:00:53 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
X-Amz-Cf-Id
B_u7FswvE1v7RJiYEnMEawcLkbQzi04o6g4oMfAX1NeXFZAeoDamxg==
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7bc85f9e154663454b5cb279cc5649c5&svisitor=2d58655f7f1e0000c551c5622f000000e9bc1100&session=9ca5702d-b76d-4a33-85df-e70765cb2fcc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A36%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224329%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20about%20some%20of%20the%20biggest%20ransomware%20attacks%20that%20have%20happened%20in%202022%20and%20how%20your%20organization%20can%20stay%20protected%20against%20such%20attacks%22%2C%22keywords%22%3A%22Ransomware%2C%20ransomware%20attack%2C%20Puma%2C%20Bridgestone%2C%20Lapsus%24%2C%20Kronos%2C%20Encryption%2C%20data%22%2C%22title%22%3A%22Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub%22%7D&cb=&r=https%3A%2F%2Fgo2.lenovo.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pageViewId=cc95eaf0-c7ff-4cf4-8264-e4fe52cb320b&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:37 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
crumb
polo.feathr.co/v1/analytics/ 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polo.feathr.co/v1/analytics/crumb?cb=1657098698160&a_id=5850143e7c1fea34ebb31cca&f_id=62c551c586fbd10009ebb0d2&ses_id=62c551c58636de789b448d35&rfr=https%3A%2F%2Fgo2.lenovo.com%2F&flvr=page_view&loc_url=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.196.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-196-26.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:11:38 GMT
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
43
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7bc85f9e154663454b5cb279cc5649c5&svisitor=2d58655f7f1e0000c551c5622f000000e9bc1100&session=9ca5702d-b76d-4a33-85df-e70765cb2fcc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Jul%202022%2009%3A11%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225330%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20about%20some%20of%20the%20biggest%20ransomware%20attacks%20that%20have%20happened%20in%202022%20and%20how%20your%20organization%20can%20stay%20protected%20against%20such%20attacks%22%2C%22keywords%22%3A%22Ransomware%2C%20ransomware%20attack%2C%20Puma%2C%20Bridgestone%2C%20Lapsus%24%2C%20Kronos%2C%20Encryption%2C%20data%22%2C%22title%22%3A%22Five%20ransomware%20attacks%20in%202022%20so%20far%20you%20should%20know%20about%20%7C%20Cyber%20Security%20Hub%22%7D&cb=&r=https%3A%2F%2Fgo2.lenovo.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&pageViewId=cc95eaf0-c7ff-4cf4-8264-e4fe52cb320b&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-202.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.cshub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:11:38 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=62c551c586fbd10009ebb0d2&gdpr=0

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require object| googletag function| gtag string| gaTrackingId object| dataLayer object| _elqQ object| _6si function| $ function| jQuery object| ggeac object| google_tag_data object| google_js_reporting_queue function| playDemo function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| feathr function| FeathrBoomerang object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| _ml object| OneTrustStub function| OptanonWrapper object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| __@@##MUH boolean| _already_called_lintrk function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments undefined| feathr_account_id object| __feathrs function| isBlockedDomain function| loadScripts function| getParams function| getGetParameters function| getCookie object| linksArray string| link object| get_params boolean| script_loaded boolean| block_loading string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData undefined| google_measure_js_timing boolean| initialized object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate function| Vue function| _ object| summerNote function| emitter function| Pusher object| core function| Hammer boolean| ga-disable-UA-3734990-33 object| blocked_sites object| addthis_share object| addthis_config object| Optanon object| OneTrust object| ziws object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| jQueryLazyLoad object| picreel object| _elq object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len object| recaptcha object| closure_lm_536522 object| PCD

39 Cookies

Domain/Path Name / Value
.go2.lenovo.com/ Name: __cf_bm
Value: taqJZEZdSviNkuyZP2uwDg.R7LoPIUL9gEfP6KMq0tc-1657098691-0-AWynHnFU3G69SFSYPUR2cp6hHBQKB7iTywQxBUc5Bnd1O3mfmOqThLPc9CqNlUYlONqaJVuLNo9OAmLr6msOwIk=
.6sc.co/ Name: 6suuid
Value: 2d58655f7f1e0000c551c5622f000000e9bc1100
.www.cshub.com/ Name: feathr_session_id
Value: 62c551c58636de789b448d35
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cshub.com/ Name: _gid
Value: GA1.2.345788951.1657098693
.cshub.com/ Name: _gat_gtag_UA_3734990_33
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQJvwfXt2fp2wgAAAYHSx2pc124y-zNFwWjKnlTCA9DtLn1rP1XiaD-IwihRtC6vEG237kiBhfJvmw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIfiCqhwtkNvAAAAYHSx2pchjh-z7qH3KWt55Vf-Tb1gyHNxPz9K6pNm3kFzcvcoFzADsbbso35lulJ_bx23w
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&85d3b91f-fd17-4214-8dc0-916962a3008d"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2626:u=1:x=1:i=1657098693:t=1657185093:v=2:sig=AQHCBYr9726H7suiK7H-XkTZ_auRHKXb"
.cshub.com/ Name: _ga_92LEFJD17H
Value: GS1.1.1657098693.1.0.1657098693.0
.feathr.co/ Name: f_id
Value: 62c551c586fbd10009ebb0d2
.linkedin.com/ Name: lang
Value: v=2&lang=fr-fr
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220706091133f5ed5e87-267c-4ff2-8bf3-3a7326d41ceaAQHmmk60yAy6iPHpqP6CpoxVgO6b-xrV"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTcwOTg2OTM7MjswMjFipLpVMyaRhGCIxxRE570wM6qdw/SLa53TAkZ03Og8Hw==
.ws.zoominfo.com/ Name: visitorId
Value: c5138df617b245004d596914c3d5447c701b82fc09d6d8bcd4b863acc41926b1
.cshub.com/ Name: _ga
Value: GA1.2.603532503.1657098693
.cshub.com/ Name: _fbp
Value: fb.1.1657098693753.1607750255
www.cshub.com/ Name: __atuvc
Value: 1%7C27
www.cshub.com/ Name: __atuvs
Value: 62c551c4820cc845000
.addthis.com/ Name: uvc
Value: 1%7C27
.cshub.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jul+06+2022+09%3A11%3A33+GMT%2B0000+(GMT)&version=6.29.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.cshub.com%2Fattacks%2Farticles%2Ffive-ransomware-attacks-in-2022-so-far-you-should-know-about%3Fmkt_tok%3DMTgzLVdDVC02MjAAAAGFU_MrRfZu-2EE2M9ez3zsDb26lXWxCxKU5C-WZTA_x7tWX9ZbSww_xeKX3-DEY1SqAYbQ5_DsUS9VSQv8DtEYkwQ66P06Xb0cBaUUX7QJZCd53PZU&groups=C0001%3A1%2CC0004%3A0
www.cshub.com/ Name: AWSALB
Value: 4Ihvi/qYLeg+TkgDwMA6+Me/1xE5UpYUywHhttfl1ZkpQdEX7pf5Dde3JF8n2ZqAH7zTIsx1W1kbDV5Evej+pRkYqzro5c39+MTaehGbw0NbFF5B0QcgxKet2U0N
www.cshub.com/ Name: AWSALBCORS
Value: 4Ihvi/qYLeg+TkgDwMA6+Me/1xE5UpYUywHhttfl1ZkpQdEX7pf5Dde3JF8n2ZqAH7zTIsx1W1kbDV5Evej+pRkYqzro5c39+MTaehGbw0NbFF5B0QcgxKet2U0N
www.cshub.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImgyV1RSRThwSHI2VERwMEl0NklUQ3c9PSIsInZhbHVlIjoiUDZtNHg5dXJIaHJGU25lZ1dJbWZYb3hwME0yaU1aOS9lVzBLNDRLK2txU1ZJZU4rZ1hUVjdYSVFNdnRvSEgvYW9YRjFUTEYybnljWXZRVUk0cVpTRjBhcFAvcWlKTWVVUHhqeEFvdFNPdDZMNkx5bys3RkVvTUpUQTVpaXZ4eHEiLCJtYWMiOiI4OGNmNTU4NDZjNDJhNWFmZTc1YWQwZDI2NDliZDZhMTZhN2E5NjVhYjUzNWI1ZDliMWM1MmUzNTg5NThiYjgwIiwidGFnIjoiIn0%3D
www.cshub.com/ Name: ecochannels_eco_app_session
Value: eyJpdiI6IjVoMi9KaTNkcHpGRzRFcFVwTnRSY3c9PSIsInZhbHVlIjoidkFHWGtub0QrWDNlY2dLWXY2YUFxNTdTT2ZvNUZRck1BTFgxdktDSWpjQ0RJdVAxcFdJMGtiM21INXpBWFFFcXJjVHA2NFp2elBZVjhGT0ZPOXl3dDh6ZFlmaW00bWJGbTYwMkJPT0E4dXdBL0VHSGpNS1h4SHVRMlJqM25ZbFEiLCJtYWMiOiIyMWVjOTQxMzE3NjVmOTdiNTBiZDdlNjVhZGY1YTI4ZDg1Mjc0N2NmZTE0MGQ4NmEzN2ZhNDk3ZWFkYzZiY2QxIiwidGFnIjoiIn0%3D
www.cshub.com/ Name: channel_id
Value: eyJpdiI6IjNnSFh0Q04rK2VESFFmYXdGbThQNmc9PSIsInZhbHVlIjoiNFBFbGFJRVpRaHdkRlREcmoweFZRd21iL3RUbUphSTFaRUxUb3RWVWhnRDFtSjRoZTViZm5Pd0ozQUJGbW1BYk9zRUZYdnY5cmlGSXZvUXJBbGx4ZXZqWGNaZGg5RlRsWmVJeCtlSmZoUnM9IiwibWFjIjoiN2EyZGVjYTRmODk1NzBiYTg2ZjhlMzE0ODVlNzljOGRlYTY0MjUxZjNlYTk3ZmVmOGJhNDQ1MGFiOGU4ZDdjYyIsInRhZyI6IiJ9
.addthis.com/ Name: loc
Value: MDAwMDBFVUZSMDAyMzA3MTgzMjA1OTAwMDBDSA==
.eloqua.com/ Name: ELOQUA
Value: GUID=AC12A2CCA95F4359BD9B108E9DC703A7
.eloqua.com/ Name: ELQSTATUS
Value: OK
www.cshub.com/ Name: picreel_tracker__page_views
Value: 1
www.cshub.com/ Name: picreel_tracker__first_visit
Value: Wed%20Jul%2006%202022%2009%3A11%3A35%20GMT%2B0000%20(GMT)
www.cshub.com/ Name: picreel_tracker__visited
Value: 1
www.cshub.com/ Name: _an_uid
Value: 0
www.cshub.com/ Name: _gd_visitor
Value: 325cf131-af79-48db-86dd-ca4b4ff165d6
www.cshub.com/ Name: _gd_session
Value: 9ca5702d-b76d-4a33-85df-e70765cb2fcc
www.cshub.com/ Name: _gd_svisitor
Value: 2d58655f7f1e0000c551c5622f000000e9bc1100
.nr-data.net/ Name: JSESSIONID
Value: 4e0045f6854c8d3b

10 Console Messages

Source Level URL
Text
security error URL: https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://go2.lenovo.com/MTgzLVdDVC02MjAAAAGFU_MrRfRZNAaQTmDURUosMneYKIveWoHuCLDp97zzGdy8DEJ_YwEg6oSs6O64ZlXA0aWN3QU=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://fonts.googleapis.com/css2?family=Lato:300,400,500,600,700,800,900
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 26)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-JfqoONEyXbIZ0mLfSb/x/+PZYXYBcmf1VGtwG/xLQqQ=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-public.addthis.com
app.picreel.com
assets.pcrl.co
b.6sc.co
bam.nr-data.net
c.6sc.co
cdn-ukwest.onetrust.com
cdn.feathr.co
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
go2.lenovo.com
googleads.g.doubleclick.net
img04.en25.com
in.ml314.com
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
m.addthis.com
marco.feathr.co
match.adsrvr.org
ml314.com
plsadaptive.s3.amazonaws.com
polo.feathr.co
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s7.addthis.com
s893759278.t.eloqua.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
system.picreel.com
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.cshub.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
z.moatads.com
match.adsrvr.org
s7.addthis.com
104.17.71.206
104.75.88.126
104.92.74.202
13.107.43.14
13.224.189.122
142.0.165.179
142.250.184.226
142.250.185.194
15.197.145.235
151.101.2.137
162.247.241.14
18.66.122.23
185.33.220.244
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
23.35.237.151
2606:4700:10::6814:b944
2606:4700:3032::ac43:a9f7
2606:4700:3037::6815:52a3
2606:4700::6810:5514
2606:4700::6810:a852
2606:4700::6811:180e
2620:1ec:21::14
2a00:1450:4001:800::2008
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9d
2a02:26f0:1700:1b1::1c91
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.111.234.236
52.217.12.28
52.222.236.80
52.89.175.79
54.175.196.26
54.197.172.119
96.16.149.96
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cbfdf04b7ae1d0a0976be464492abc4f7552c4c6c46fb296289e7e55bf2da2c
0d2032ccb439f7c7d45a1730cca79e03165aac361ccf42146db7d3b3837061d9
102fc165e1134e9b3e0f6cc776a94f4e2591d5aa6a44373a306aa96d1404855f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117057216d5fd2c1556691fc2f45c0868e2a51c40cceed495b3ba4918a21dcbf
1413250a670f7082e8f76a5a848d1a24dd1d5f6029639b3dbf43bd35884da6ea
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
26638ae0340d7728d6ce89bd9d70d323400d22363d021426c007f3e172a0d566
2e663c90d0791ce7c3c8e6f128f4235e27136aaedf47da80a37b30ea30a6f3b7
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455cfba4ecbc088292018637ad2017491f16404d25858abf8e5a078f171ca476
4589610f3eb06f1154e157b64246a1800b02914250499288dd7c0992c3e985d4
46c73e79835ebdf63bb9f1f56816ea9a1f4a40e5b6b0111f4fb6ef2c3f834108
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59a1c8c961f38f90aaf7651abdbd792ac4c08c30e45201f37fecba57b3fd1c87
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c329a7f550d3ad4da104c51683286040480bf8e8d1922c7e825df1cd03b8b90
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
626c9c4f709bcaaddb082c039d026a475f0d469d470bf6c0931e4265b3c98843
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
734bb9a8eba211118b8e87f554bf19071d8692762038064a466bb50d3d15efa1
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
77721638bbe1b10c95e415dcea9db0325d108345174f9b0a6aeb75405b46e9dc
793d351cc866196d17887ea6ef5ff0ea5458cb2e88a7e73e92c43ec0dcdb6285
7a359db93480a3e8983db5dd4b437c7a2632a6d09ea4c26ba8f568aea9ca3dec
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
7d1cf6a82d5551f0ec3e18098208f40a31dba7d94c865f5444a4dbed9445965a
85a93a93f30f3ad5c2ffe2cb090c08173e725870f83a7af9c140659dcfe20293
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8af6648007fdbfed0c265918e8e86bfcae010029cca50ab22cc370c7c73979e0
8b0a3f2ce05a7a9b19c0e6dc3cb4d3aea3f67752e51655c14d7fcfaa3acd8f49
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
8efdafb12c6472fe49ae4fb599ec177e4f083cb1f6e357c6afb1158a26c28e8a
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
91b97bf39d59ed0cf4a7016a7acfd0a75a56d74f29238aebf272710ca4683aaf
922311ea397903e3ce2137c49bb1b69ee24bb548b9682196175f07cc8cb06b97
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c49f0d14032c4ef837e96a9ef8e2c48d99273d09a2e82981bb6983e38a04c1
a8b9abe4878dd0b411fad1099ba81e274f6c375942b1b3100bc77f1b99e5587c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6847075a7d6c774a99989f77472cf635e12e7d005795d626480732b9f49e360
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
b9a0b443fd4e86d9f0178db08c1e3a65c791fa5ecbc26579fc0eb907f34b6250
c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
ccb68422a1e82aa776b318fa67c247f51dd6e4df655def91479bd6d7ebd67a28
ce33bbc71f7acfabe853a25fb665c138922b5ba77f88a655ee2ef7f7ca0b9a9a
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de85ba404ac743bd5b7119b9a5dcad583fc9868f530e009e6b281bc1182023b5
e05b54c228be898dc69492b261a41402c5efb50fa38ac4d46c6614afab487453
e1ebf28d92bfd1ca5e0125f8a6179abf451a742e531334dde50c61ce9b909d74
e23d2195bceec70f370c4959842cc9a67017fc3d19ce0a46be41917fa435c1a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45bc36be23edeebd5e86f8edfbf5e80800784c4524b7b8cfac39770b05b84fd
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
edcc2177610e3a04918619aa2f73e96c2d0d491974a4223ccce0d11dd8d4fdc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f54856e8508e92d3acbf997238745525d4b06c69b485aea50710cac890049c8d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd
fe701bcbc7162712ec93fa8b5007964098d60957ee42c0c25d5454ff35a31e53