www.scmagazine.com Open in urlscan Pro
54.86.31.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-...
Submission: On March 22 via manual (March 22nd 2019, 8:44:26 pm UTC) from US

Summary HTTP 198 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 26 domains to perform 198 HTTP transactions. The main IP is 54.86.31.50, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.scmagazine.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on September 6th 2018. Valid for: a year.

This is the only time www.scmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	54.86.31.50 54.86.31.50	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
20	94.31.29.64 94.31.29.64	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:204... 2600:9000:2043:b400:1b:fadc:b780:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.216.81.19 52.216.81.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.120.134 151.101.120.134	54113 (FASTLY) (FASTLY - Fastly)
2 5	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2600:1f14:e96... 2600:1f14:e96:5800:5571:ae82:1dfd:9bde	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:204... 2600:9000:2043:5200:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	204.2.197.202 204.2.197.202	1422 (MEDIA6-ASN) (MEDIA6-ASN - Media6degrees)
3	38.126.130.202 38.126.130.202	1422 (MEDIA6-ASN) (MEDIA6-ASN - Media6degrees)
1	2606:4700:20:... 2606:4700:20::6819:f763	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
63	2606:4700:20:... 2606:4700:20::6819:5465	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	18.235.176.117 18.235.176.117	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.35.253.54 13.35.253.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2606:4700::68... 2606:4700::6810:4fa6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY - Fastly)
2	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
2 7	2600:1f14:e96... 2600:1f14:e96:5802:1639:b44c:1d24:e6d5	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	18.213.92.219 18.213.92.219	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 3	2620:109:c00c... 2620:109:c00c:104::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	54.87.95.71 54.87.95.71	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.149.45.227 54.149.45.227	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.48.132.12 52.48.132.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	2600:1f14:e96... 2600:1f14:e96:5802:37f7:83d2:84d:39a7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	2600:1f14:e96... 2600:1f14:e96:5800:7c5b:c788:a470:3ccb	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.203.218.248 54.203.218.248	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.219.6.126 34.219.6.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
198	38

31 54.86.31.50 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-86-31-50.compute-1.amazonaws.com

www.scmagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 94.31.29.64 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.64.IPYX-077437-ZYO.above.net

3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:b400:1b:fadc:b780:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

content.maropost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.81.19 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

scmagazineus.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:e96:5800:5571:ae82:1dfd:9bde (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (European Union)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:5200:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.2.197.202 (Englewood, United States) 3 redirects

ASN1422 (MEDIA6-ASN - Media6degrees, US)
PTR: action-e.pipelane.net

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 38.126.130.202 (United States)

ASN1422 (MEDIA6-ASN - Media6degrees, US)
PTR: action-s.pipelane.net

action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:f763 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2606:4700:20::6819:5465 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.176.117 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-235-176-117.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.54 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-54.fra6.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:4fa6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.192.113 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-54-149-45-227.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.213.92.219 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-213-92-219.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c00c:104::b93f:9005 (United States) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.95.71 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-87-95-71.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.45.227 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-149-45-227.us-west-2.compute.amazonaws.com

api-54-149-45-227.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.132.12 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-132-12.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:e96:5802:37f7:83d2:84d:39a7 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-54-203-218-248.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:e96:5800:7c5b:c788:a470:3ccb (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-34-219-6-126.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.218.248 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-203-218-248.us-west-2.compute.amazonaws.com

api-54-203-218-248.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.219.6.126 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-219-6-126.us-west-2.compute.amazonaws.com

api-34-219-6-126.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	lytics.io c.lytics.io api.lytics.io	57 KB
31	scmagazine.com www.scmagazine.com	5 MB
23	b2c.com 4 redirects api.b2c.com api-54-149-45-227.b2c.com api-54-203-218-248.b2c.com api-34-219-6-126.b2c.com	26 KB
20	netdna-ssl.com 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com	338 KB
13	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	98 KB
9	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	189 KB
7	feathr.co cdn.feathr.co polo.feathr.co marco.feathr.co polo-v1.feathr.co	29 KB
5	google-analytics.com 2 redirects www.google-analytics.com	35 KB
5	googletagservices.com www.googletagservices.com	68 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	disquscdn.com c.disquscdn.com	202 KB
3	media6degrees.com action.media6degrees.com	1012 B
3	dstillery.com 3 redirects action.dstillery.com	1 KB
3	disqus.com scmagazineus.disqus.com disqus.com	26 KB
3	gstatic.com fonts.gstatic.com	42 KB
3	google.com 2 redirects adservice.google.com www.google.com	530 B
3	google.de adservice.google.de www.google.de	389 B
3	amazonaws.com s3.amazonaws.com	856 KB
2	adsrvr.org 2 redirects match.adsrvr.org	885 B
2	googleapis.com fonts.googleapis.com	998 B
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	licdn.com snap.licdn.com	5 KB
1	crazyegg.com script.crazyegg.com	28 KB
1	maropost.com content.maropost.com	3 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
198	26

	Domain	Requested by
63	c.lytics.io	3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com c.lytics.io www.scmagazine.com
31	www.scmagazine.com	www.scmagazine.com 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
20	3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com	www.scmagazine.com 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.scmagazine.com
9	api-54-149-45-227.b2c.com	2 redirects www.scmagazine.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.scmagazine.com
5	api-34-219-6-126.b2c.com	1 redirects www.scmagazine.com
5	api-54-203-218-248.b2c.com	1 redirects www.scmagazine.com
5	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com
5	www.googletagservices.com	www.scmagazine.com securepubads.g.doubleclick.net
4	polo.feathr.co	cdn.feathr.co www.scmagazine.com
4	api.b2c.com	www.googletagmanager.com securepubads.g.doubleclick.net
3	px.ads.linkedin.com	2 redirects www.scmagazine.com
3	c.disquscdn.com	scmagazineus.disqus.com
3	action.media6degrees.com	www.scmagazine.com
3	action.dstillery.com	3 redirects
3	fonts.gstatic.com	www.scmagazine.com 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
3	s3.amazonaws.com	www.scmagazine.com
2	pagead2.googlesyndication.com	www.scmagazine.com
2	match.adsrvr.org	2 redirects
2	api.lytics.io	c.lytics.io 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
2	www.google.de	www.scmagazine.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	scmagazineus.disqus.com	3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
2	fonts.googleapis.com	www.scmagazine.com
1	polo-v1.feathr.co	www.scmagazine.com
1	ping.chartbeat.net	www.scmagazine.com
1	www.linkedin.com	1 redirects
1	disqus.com	scmagazineus.disqus.com
1	marco.feathr.co	www.scmagazine.com
1	cdn.feathr.co	3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
1	static.chartbeat.com	www.scmagazine.com
1	snap.licdn.com	www.scmagazine.com
1	script.crazyegg.com	www.googletagmanager.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	content.maropost.com	www.scmagazine.com
1	www.googletagmanager.com	www.scmagazine.com
198	39

This site contains links to these domains. Also see Links.

Domain
risksecconference.com
scawardsus.com
www.sharpeningyourdefenses.com
resourcelibrary.scmagazine.com
www.scmagazineuk.com
twitter.com
www.facebook.com
www.linkedin.com
reddit.com
www.wsj.com
www.youtube.com
media.scmagazine.com
subscribe.haymarketmedia.com

Subject Issuer	Validity	Valid
*.scmagazine.com Trusted Secure Certificate Authority 5	`2018-09-06` - `2019-09-06`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-18` - `2020-02-27`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
content.maropost.com Amazon	`2018-10-25` - `2019-11-25`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-20` - `2019-09-18`	9 months	crt.sh
*.b2c.com Go Daddy Secure Certificate Authority - G2	`2016-03-24` - `2019-03-24`	3 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2016-02-16` - `2019-04-17`	3 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2018-04-02` - `2019-04-18`	a year	crt.sh
dstillery.com COMODO RSA Domain Validation Secure Server CA	`2018-01-18` - `2021-04-17`	3 years	crt.sh
ssl379779.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-09` - `2019-07-18`	6 months	crt.sh
ssl379818.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-15` - `2019-08-24`	6 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.feathr.co Amazon	`2018-06-25` - `2019-07-25`	a year	crt.sh
marco.feathr.co Amazon	`2018-10-18` - `2019-11-18`	a year	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-17` - `2019-09-23`	6 months	crt.sh
*.lytics.io RapidSSL TLS RSA CA G1	`2018-01-26` - `2020-01-06`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Frame ID: 76DDD2D70D9893D0DABF4D39201BC5FD
Requests: 169 HTTP requests in this frame

Frame: https://api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/804f8f4c8839cb5905d006fb0040d53b?segments=true&mergestate=true&ts=1553287447740
Frame ID: EAEF6710A66456D96334B456EFEA4E14
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 1B030533D31D93F46B3108690C680D92
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 178117B466056A489E35569277AB4C8A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 32E4035907B8E69A8758016C39CCD7D6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i
env /^_sf_(?:endpt|async_config)$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^CE2$/i

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^googletag$/i
env /^google_tag_manager$/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^optimizely$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

198
Requests

100 %
HTTPS

60 %
IPv6

26
Domains

39
Subdomains

38
IPs

4
Countries

7608 kB
Transfer

9692 kB
Size

2
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://risksecconference.com/
Title: RiskSec 2019

Search URL Search Domain Scan URL

URL: https://scawardsus.com/
Title: SC Awards 2019

Search URL Search Domain Scan URL

URL: https://www.sharpeningyourdefenses.com/
Title: TechScape

Search URL Search Domain Scan URL

URL: https://resourcelibrary.scmagazine.com/
Title: Resource Library

Search URL Search Domain Scan URL

URL: https://www.scmagazineuk.com/
Title: SC UK

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertJAAbel
Title: Follow @RobertJAAbel

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/&text=Ransomware%20attack%20targets%20college%20admissions%20data
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/&title=Ransomware%20attack%20targets%20college%20admissions%20data
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/hackers-breach-college-applicant-databases-seek-ransom-11552003816?mod=hp_listb_pos3
Title: Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SCMag/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/scmagazine
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/scmediaus/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SCMagazineUS
Title:

Search URL Search Domain Scan URL

URL: https://media.scmagazine.com/documents/356/edit_calendar_2018-2019_(1)_88909.pdf
Title: Editorial Calendar

Search URL Search Domain Scan URL

URL: https://subscribe.haymarketmedia.com/sub/?p=SCM&f=new
Title: Subscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://action.dstillery.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 43

https://action.dstillery.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 44

https://action.dstillery.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 55

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1289435048&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&ul=en-us&de=UTF-8&dt=Ransomware%20attack%20targets%20college%20admissions%20data%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=6GDAAAADQ~&jid=1363939079&gjid=974319979&cid=553670133.1553287447&tid=UA-1290429-10&_gid=965761810.1553287447&_r=1&gtm=2wg3b2W475TQW&cd1=94297%3A0&cd2=&cd3=&cd4=70&cd5=post&cd6=&cd7=home&cd8=security%20news&cd9=ransomware%20attack%20targets%20college%20admissions%20data&cd11=omn&cd12=76&cd14=false&cd15=false&cd16=false&cd17=&cd18=0&cd19=&cd31=&cd32=&cd33=&cd34=Robert%20Abel&cd35=News&cd36=&cd37=undefined&cd38=undefined&cd39=undefined&cd40=&cd41=&cd42=&cd43=&cd46=&cd48=&cd50=&cd55=&cd56=11&cd57=&cd58=&cd61=false&cd62=03%2F11%2F2019&cd63=165&cd67=undef&cd70=false&cd77=GA1.2.553670133.1553287447&z=229217122 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_gid=965761810.1553287447&gjid=974319979&_v=j73&z=229217122 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122&slf_rd=1&random=288496988

Request Chain 69

https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553287448225%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 71

https://api-54-149-45-227.b2c.com/api/x?4J6pIwWU4I0s4R5K$ZnJhbWVyYXRlJDMxOCQxMCIsImludGVyc2VjdGlvbi1zaXplJDM0MyQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkMzQzJDB4MCAxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24kMzQzJDUw HTTP 302
https://api-54-149-45-227.b2c.com:444/api/4?4J6pIwWU4I0s4R5K

Request Chain 134

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5c954917d322a50001e0f4e6&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5c954917d322a50001e0f4e6&gdpr=0 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=5c954917d322a50001e0f4e6&ttd_id=e02c415e-219a-4260-8798-c701a906e29d

Request Chain 187

https://api-54-149-45-227.b2c.com/api/x?qSCLT0Ctu5j4vFqY$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhyZWUtdS1zLWNvbGxlZ2VzLXNlaXppbmctdGhlLWRhdGEtb24tc3R1ZGVudHMtYXBwbHlpbmctZm9yLWFkbWlzc2lvbi8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJGh0dHBzOi8vd3d3LnNjbWFnYXppbmUuY29tIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDEiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMCIsIndpbmRvdyQwJDcyOHg5MCIsImlubmVyJDAkNzI4eDkwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQyJG4vYSIsInRpbWUkMiQxNTUzMjg3NDQ5NDA4IiwidGltZXpvbmUkMiQwIiwicGx1Z2lucyQyJE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDIkMjUuNjM4NDI0IiwibWVtLXVzZWRKU0hlYXBTaXplJDIkMTcuOTA3NzkyIiwibWVtLWpzSGVhcFNpemVMaW1pdCQyJDIxODEuMDM4MDgiLCJ0aW1lLXJlc3BvbnNlRW5kJDIkMSIsInRpbWUtZG9tTG9hZGluZyQyJDEiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDIkMSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkMiQxIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkMiQxIiwidGltZS1kb21Db21wbGV0ZSQyJDEiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMiQwIiwibmF2aWdhdGlvbi10eXBlJDIkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkNSQwLjI5NSIsImdsb2JhbHMkNiRiMzllNjg5YiIsImRvY3VtZW50LXRpbWUkOSQwLjM1NSIsImRvY3VtZW50JDkkNDAzZGI1YzYiLCJjb25uZWN0aW9uJDkkIiwiZG93bmxpbmtNYXgkOSQiLCJnZXRVc2VyTWVkaWEkOSQyIiwiY2xvY2skMTQkNTMwNCIsImludGVyc2VjdGlvbi1zaXplJDE4JDE1ODV4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQxOCQwLjV4MCA3Mjh4OTAiLCJpbnRlcnNlY3Rpb24kMTgkMTAwIiwiYmF0dGVyeSQxOCQxIDEgMCBJbmZpbml0eSIsImFkYmxvY2skMTgkMCIsImF1ZGlvY29udGV4dCQyMyQ5NmUxNGJlZiIsInNvcnQkNTEkMTUuMzgiLCJmcmFtZXJhdGUkMTE5JDcw HTTP 302
https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY

Request Chain 188

https://api-54-203-218-248.b2c.com/api/x?AmUegcyuaHFW11T1$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhyZWUtdS1zLWNvbGxlZ2VzLXNlaXppbmctdGhlLWRhdGEtb24tc3R1ZGVudHMtYXBwbHlpbmctZm9yLWFkbWlzc2lvbi8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJGh0dHBzOi8vd3d3LnNjbWFnYXppbmUuY29tIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDEiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMCIsIndpbmRvdyQwJDMwMHgyNTAiLCJpbm5lciQwJDMwMHgyNTAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMSQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDQkdHJ1ZSIsImRvTm90VHJhY2skNCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDQkOCIsImxhbmd1YWdlJDQkZW4tVVMiLCJwbGF0Zm9ybSQ0JExpbnV4IHg4Nl82NCIsInByb2R1Y3QkNCRHZWNrbyIsInByb2R1Y3RTdWIkNCQyMDAzMDEwNyIsInNlbmRCZWFjb24kNCQxIiwidXNlckFnZW50JDQkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDQkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkNCQiLCJmb250cmVuZGVyJDQkMSIsIndlYmdsJDUkbi9hIiwidGltZSQ1JDE1NTMyODc0NDk1MTEiLCJ0aW1lem9uZSQ1JDAiLCJwbHVnaW5zJDUkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkNSQyOS4yMTczMTIiLCJtZW0tdXNlZEpTSGVhcFNpemUkNSQyMC4wMTQ2MDgiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDUkMjE4MS4wMzgwOCIsInRpbWUtZG9tTG9hZGluZyQ1JDEiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDUkMSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkNSQxIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkNSQxIiwidGltZS1kb21Db21wbGV0ZSQ1JDEiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkNSQwIiwibmF2aWdhdGlvbi10eXBlJDUkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkOSQwLjI3IiwiZ2xvYmFscyQ5JGIzOWU2ODliIiwiZG9jdW1lbnQtdGltZSQxMiQwLjM2NSIsImRvY3VtZW50JDEyJDQwM2RiNWM2IiwiY29ubmVjdGlvbiQxMyQiLCJkb3dubGlua01heCQxMyQiLCJnZXRVc2VyTWVkaWEkMTMkMiIsImNsb2NrJDE3JDI4MzgiLCJpbnRlcnNlY3Rpb24tc2l6ZSQyMiQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkMjIkMC41eDAgMzAweDI1MCIsImludGVyc2VjdGlvbiQyMiQxMDAiLCJiYXR0ZXJ5JDIyJDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDI3JDk2ZTE0YmVmIiwic29ydCQ2MSQyMS4zNiIsImZyYW1lcmF0ZSQxNTgkOTA HTTP 302
https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1

Request Chain 191

https://api-34-219-6-126.b2c.com/api/x?NTR2HGzaDKJh7yQE$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhyZWUtdS1zLWNvbGxlZ2VzLXNlaXppbmctdGhlLWRhdGEtb24tc3R1ZGVudHMtYXBwbHlpbmctZm9yLWFkbWlzc2lvbi8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJGh0dHBzOi8vd3d3LnNjbWFnYXppbmUuY29tIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDEiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMCIsIndpbmRvdyQwJDMwMHgyNTAiLCJpbm5lciQwJDMwMHgyNTAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkOCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInNlbmRCZWFjb24kMSQxIiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJmb250cmVuZGVyJDEkMSIsIndlYmdsJDIkbi9hIiwidGltZSQyJDE1NTMyODc0NDk5NjciLCJ0aW1lem9uZSQyJDAiLCJwbHVnaW5zJDIkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkMiQ0MC42MDE2OTYiLCJtZW0tdXNlZEpTSGVhcFNpemUkMiQyMy4wODA1ODQiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDIkMjE4MS4wMzgwOCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkMiQxIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQyJDEiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQyJDEiLCJ0aW1lLWRvbUNvbXBsZXRlJDIkMSIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQzJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMyRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ3JDAuMzIiLCJnbG9iYWxzJDgkYjM5ZTY4OWIiLCJkb2N1bWVudC10aW1lJDExJDAuNDU1IiwiZG9jdW1lbnQkMTIkNDAzZGI1YzYiLCJjb25uZWN0aW9uJDEyJCIsImRvd25saW5rTWF4JDEyJCIsImdldFVzZXJNZWRpYSQxMiQyIiwiY2xvY2skMTckMzg1NyIsImludGVyc2VjdGlvbi1zaXplJDIxJDE1ODV4MTIwMCIsImJhdHRlcnkkMjIkMSAxIDAgSW5maW5pdHkiLCJhdWRpb2NvbnRleHQkMjUkOTZlMTRiZWYiLCJzb3J0JDY1JDI0LjU2IiwiZnJhbWVyYXRlJDEyOCQ5MA HTTP 302
https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE

Request Chain 195

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1289435048&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&ul=en-us&de=UTF-8&dt=Ransomware%20attack%20targets%20college%20admissions%20data%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics_refresh&ea=undefined&_u=6GjAAAADQ~&jid=1069147250&gjid=1769866783&cid=553670133.1553287447&tid=UA-1290429-10&_gid=1430259283.1553287451&_r=1&gtm=2wg3b2W475TQW&cd20=all&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=Normal%20(23%20segments%20found)&z=715240304 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_gid=1430259283.1553287451&gjid=1769866783&_v=j73&z=715240304 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304&slf_rd=1&random=4054345936

198 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/ 79 KB
21 KB 1145ms
904ms Document
text/html 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f88c0bc0ddfdece9c93b11d632c0ba270fb3350aaa6b9c86e42e715592fe664f

Request headers

:method: GET
:authority: www.scmagazine.com
:scheme: https
:path: /home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 22 Mar 2019 20:44:06 GMT
content-type: text/html; charset=UTF-8
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" <https://www.scmagazine.com/?p=94297>; rel=shortlink
wpe-backend: apache
x-wpe-loopback-upstream-addr: 127.0.0.1:6783
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
vary: Accept-Encoding,Cookie,X-WPENGINE-SEGMENT
x-cache: MISS
x-pass-why
x-cache-group: normal
x-type: default
x-wpengine-segment: NONHT
content-encoding: gzip

GET
H2 200 style.css
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/gutenberg/build/block-library/ 25 KB
5 KB 57ms
7ms Stylesheet
text/css 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1552920018
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2b63a484e50b0887ede8571126709a164efc6d3647d5982fb520098be0b6a888

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:18 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd2-65ac"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=2592000

GET
H2 200 shared-style.min.css
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/ 48 KB
8 KB 63ms
14ms Stylesheet
text/css 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-c05a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=2592000

GET
H2 200 style.min.css
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/ 237 KB
41 KB 63ms
15ms Stylesheet
text/css 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4de535e21fcc7ed59a24376caec397ec98bb8a170656f40034811e0ed9bbf738

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-3b417"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=2592000

GET
H2 200 css
fonts.googleapis.com/ 3 KB
578 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

9e01cd9d5c99f2550fff5002f1b7fcc1402aa88b84f471214b032a7cde0f42b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 22 Mar 2019 20:44:06 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 22 Mar 2019 20:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 825 B
420 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

cfe0a4e83927b1dbabba7682082338520b9a150ce2c51ae2298638bc52ed3deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 22 Mar 2019 20:44:06 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 22 Mar 2019 20:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:06 GMT

GET
H2 200 jquery.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 95 KB
39 KB 72ms
24ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5742c6ad-17ba0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 jquery-migrate.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 10 KB
4 KB 74ms
32ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"573eaa90-2748"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 cookie.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/ 2 KB
1 KB 75ms
34ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/backed
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:18 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd2-834"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 UtilityMove-custom.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/ 2 KB
1 KB 79ms
39ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-751"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 polyfill.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/ 102 KB
39 KB 71ms
32ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-19873"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 32 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

67b99ed0a00a9980728c48dfaa3e36f69a76f2966c3ecb4afc57878aa79d8e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "114 / 390 of 1000 / last-modified: 1553212644"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10765
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:06 GMT

GET
H2 200 ads.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ 18 KB
7 KB 66ms
28ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ads.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c20cbbda8d0876c0ec5743020ebe05acb7d207b517768e2d102742ffe1bda4e2

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-47cd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 SC-MAGAZINE30ANNYnotag.jpg
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/ 43 KB
44 KB 34ms
33ms Image
image/jpeg 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/SC-MAGAZINE30ANNYnotag.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8cad642d5009d9f538c20ce327532bea1a130c019fae995d6d37da325626347d

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:06 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "574a3100-ad48"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, max-age=2592000
accept-ranges: bytes
content-length: 44360
expires: Fri, 19 Apr 2019 15:55:04 GMT

GET
H2 200 school_1209392.jpg
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/ 91 KB
91 KB 8ms
7ms Image
image/jpeg 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/school_1209392.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b8ae3c6e8675e65c233a1426914f58a96bc3a5900f36b85689d9a0155942cf16

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:07 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "574a3100-16bf7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, max-age=2592000
accept-ranges: bytes
content-length: 93175
expires: Sun, 21 Apr 2019 11:38:58 GMT

GET
H2 200 spinner.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/ 694 B
916 B 99ms
99ms Image
image/svg+xml 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7

Request headers

:path: /wp-content/themes/haymarket/assets/svg/src/spinner.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: nginx
status: 200
etag: "5c8fadd3-2b6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 694

GET
H2 200 appleiphone1041165_1165798-1-150x150.jpg
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/ 5 KB
6 KB 189ms
187ms Image
image/jpeg 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/appleiphone1041165_1165798-1-150x150.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5bcc0598befecb299a8bec3e126e2772290d056fcf68e7e192b7d610247cd0a3

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:07 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "574a3100-154b"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, max-age=2592000
accept-ranges: bytes
content-length: 5451
expires: Sun, 21 Apr 2019 20:44:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
27 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

411b7cab5d697d74a54049a75a737b641bb26d9379f2715b8fa6fbc2eb0fa317

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: br
last-modified: Thu, 21 Mar 2019 18:08:06 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27049
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:07 GMT

GET
H2 200 2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js Show response
content.maropost.com/uploads/1325/websites/1/ 3 KB
3 KB 54ms
7ms Script
text/plain 2600:9000:2043:b400:1b:fadc:b780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://content.maropost.com/uploads/1325/websites/1/2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js?ver=1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:b400:1b:fadc:b780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:31:45 GMT
via: 1.1 1d32f672764a20290d04a16248d04c57.cloudfront.net (CloudFront)
last-modified: Thu, 13 Dec 2018 20:46:06 GMT
server: AmazonS3
age: 13614
etag: "33bca5680760348835deea8e5dcbdb62"
x-cache: Hit from cloudfront
status: 200
accept-ranges: bytes
content-length: 2565
x-amz-cf-id: VmwN7-PNsiGtbEUNL8rkLzfeTDeBVDT3l4Iam-7-aJJmLGkjHM6mSQ==

GET
H2 200 comment_count.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
706 B 34ms
33ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:18 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd2-379"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 blocks.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ 7 KB
3 KB 14ms
14ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 64c0f386e23546b11ab28e437684f0ea24cd9e538978c492d8afcb6af9444bc4

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-1b01"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 feather-tool.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/ 550 B
632 B 12ms
10ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.0
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 94308b25a82c6c94b07808115e379e4f4151bde0c44100015cda9cb1c5cdb0e7

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:18 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd2-226"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H/1.1 200
OK hmi-registration-ui.manifest.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 798 B
1 KB 425ms
116ms Script
application/javascript 52.216.81.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.81.19 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d90939dba16916ae487a09245dfb95ea74654b16d67d90e2621e3ac0be0cef0

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Last-Modified: Tue, 12 Mar 2019 19:44:28 GMT
Server: AmazonS3
x-amz-request-id: 90D35DF56748AC08
ETag: "4676462bfbf5747529591ea2816a9e0c"
Content-Type: application/javascript
Content-Length: 798
Accept-Ranges: bytes
x-amz-version-id: sun_Ltd0adXHs9.ZW_FRguOR6Nb2JbCS
x-amz-id-2: 8wzTK7Uo1yJIu9C7Z54X10ak7tgBWCBnjkbCaQGvRoBtDQ5eGpG9GRsHBBRLZZP5kSWXzBD8boY=

GET
H/1.1 200
OK hmi-registration-ui.vendor.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 337 KB
338 KB 444ms
121ms Script
application/javascript 52.216.81.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.81.19 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e43e078b242c478fb2a0d2e8d1b21dabc9cf8ab15a33d82a8b18a81570ecde26

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Last-Modified: Tue, 12 Mar 2019 19:44:28 GMT
Server: AmazonS3
x-amz-request-id: EF61CC336F6944FE
ETag: "3f49c3de8bde352b9a2d43cbe9a80f38"
Content-Type: application/javascript
Content-Length: 345181
Accept-Ranges: bytes
x-amz-version-id: hYFb142UuKYZqOX8DZ55a8EQw7LBygEf
x-amz-id-2: thnssYWb058J4UDwj9Qsn8JLrV6fDLq3ntGKiLZLysN+WodjHjFbMSo1QqaB0q/ZTRqKFRb1i5Y=

GET
H/1.1 200
OK hmi-registration-ui.bundle.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 517 KB
517 KB 436ms
113ms Script
application/javascript 52.216.81.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.81.19 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4456ccbba2c0f4a6db157881abc08815c353e64d10ea43ccc26bd8ee8cf24d8a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Last-Modified: Tue, 12 Mar 2019 19:44:28 GMT
Server: AmazonS3
x-amz-request-id: 1E500D321FA5D89D
ETag: "b63d8d9c7a7c2a9b26bd58d7b5cad032"
Content-Type: application/javascript
Content-Length: 529055
Accept-Ranges: bytes
x-amz-version-id: 1Vwb_GHrAk0JqV9LHKsEl9nO8.ECj_LJ
x-amz-id-2: Isi/6q8UhU00lTr5CDwd+kXDOz9WMdqOG7ikRU2vFAdoNaUR+bXtfDOk5HxX+7OkzuuDoKrPTYQ=

GET
H2 200 frontend.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ 132 KB
42 KB 13ms
12ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c3e9274b133413c69a306619ae2cbd78c137d82017ccb0f72b4e64653b689a04

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-210bf"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 iab.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/ 8 KB
2 KB 10ms
9ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e38c283cf693ccc86f81942e7cae20849f0cfd639bfd5e7362677d91e8f0d4b5

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-1ecd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 comment_embed.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
772 B 9ms
9ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=4.9.10
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:18 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd2-47e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 wp-embed.min.js Show response
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1017 B 12ms
11ms Script
application/x-javascript 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=4.9.10
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Fri, 31 Aug 2018 06:29:28 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5b88e048-57b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=2592000

GET
H2 200 src.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/ 33 KB
11 KB 99ms
98ms Other
image/svg+xml 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1552920019
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811

Request headers

:path: /wp-content/themes/haymarket/assets/svg/src.svg?ver=1552920019
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: nginx
status: 200
etag: W/"5c8fadd3-8317"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 20ms
17ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ 160 KB
57 KB 44ms
41ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:07 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin: https://www.scmagazine.com

Response headers

date: Fri, 08 Mar 2019 23:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 1198807
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13944
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:44:00 GMT

GET
H2 200 chevron-right-white.svg
3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/ 190 B
416 B 7ms
7ms Image
image/svg+xml 94.31.29.64
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/chevron-right-white.svg
Requested by: Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1552920019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.64.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856

Request headers

Referer: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1552920019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:40:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c8fadd3-be"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1552920019

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin: https://www.scmagazine.com

Response headers

date: Fri, 08 Mar 2019 23:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:00 GMT
server: sffe
age: 1200214
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14076
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:20:33 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

155ef7601d4af029d8b6f3efa4ed4984748ea0a36c85f038f129ffdc6fb83b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin: https://www.scmagazine.com

Response headers

date: Sat, 09 Mar 2019 05:17:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:01 GMT
server: sffe
age: 1178771
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14824
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 05:17:56 GMT

GET
H/1.1 200
OK count.js Show response
scmagazineus.disqus.com/ 1 KB
1 KB 718ms
426ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://scmagazineus.disqus.com/count.js

Requested by

Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 879370
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 11 Mar 2019 17:49:30 GMT
Server: nginx
ETag: "5c869faa-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3431
date: Fri, 22 Mar 2019 19:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Fri, 22 Mar 2019 21:46:56 GMT

GET
H2 200 7341.js Show response
script.crazyegg.com/pages/scripts/0034/ 86 KB
28 KB 17ms
16ms Script
application/x-javascript 2606:4700::6813:9308
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0034/7341.js?431468
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e60e3b9a4b291934fd0d909ae83a03364c5d514255934ea060211b2d11b949f1

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-polished: origSize=88345
x-cache: RefreshHit from cloudfront
status: 200
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 17:34:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private, max-age=300
cf-ray: 4bbb0071bc7b97f8-FRA
x-amz-cf-id: qtgmp0KROO_OgwrofGcJ94iAxhm4ph1L_kZzHPFT4NbcwO5hAX0ghQ==
cf-bgj: minify

GET
H2 200 init-131xlxqjsfx7lh82dpc.js Show response
api.b2c.com/api/ 13 KB
5 KB 520ms
171ms Script
text/javascript 2600:1f14:e96:5800:5571:ae82:1dfd:9bde
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:5571:ae82:1dfd:9bde , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 3631acd19af105b058f0de1448fff182c213d91cd8b805c7f03a2f780516c463

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 58ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61176
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 81ms
9ms Script
application/x-javascript 2600:9000:2043:5200:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:5200:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ca5327697815bc7ac6c0073c5b4fbf2f260954bd1a9d5d48d13d5839e918c4bb

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 13:06:17 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 03:58:12 GMT
server: nginx
age: 27470
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: W4L6BLn2ash7FL6M9dQYRea0gU2yTimaDKKZ_uOeJGWOhNCklH2G4w==
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront)
expires: Sat, 23 Mar 2019 13:06:17 GMT

GET
H/1.1

200
OK

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
396 B

371ms
89ms

Script
text/html

38.126.130.202
Media6degrees

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS: action-s.pipelane.net
Software: Apache-Coyote/1.1 /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Content-Language: en-US
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache/2.4.6 (CentOS)
Connection: close
Content-Length: 343
Location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1025533&ns=3354&nc=SCUSReaders&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

nspix
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

43 B
308 B

372ms
89ms

Image
image/gif

38.126.130.202
Media6degrees

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS: action-s.pipelane.net
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache/2.4.6 (CentOS)
Connection: close
Content-Length: 359
Location: https://action.media6degrees.com/orbserv/nspix?adv=cl1024098&ns=2939&nc=CA_Technologies_SC_Readers&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

nspix
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

43 B
308 B

377ms
91ms

Image
image/gif

38.126.130.202
Media6degrees

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.126.130.202 , United States, ASN1422 (MEDIA6-ASN - Media6degrees, US),
Reverse DNS: action-s.pipelane.net
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache/2.4.6 (CentOS)
Connection: close
Content-Length: 371
Location: https://action.media6degrees.com/orbserv/nspix?adv=cl1023384&ns=2890&nc=ForcePoint_SC_Readers_Extended_Network&ncv=50&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 84 KB
26 KB 86ms
16ms Script
application/javascript 2606:4700:20::6819:f763
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:f763 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed2c77a12d6be1eb2ca8462376dc9bc53fb4fae1585b1c83aa039c430c7db55

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2019 12:47:14 GMT
server: cloudflare
x-amz-request-id: 54207C51B1130A6C
etag: W/"7ada2ce9a8c84c157b49a7c077a78d55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4bbb0072ac3d6433-FRA
x-amz-id-2: iK+C7kqvkztLe+sCpm8j1P33xcTe95WwV7R9LANV4Mo56pwYbae/f+t0OasjPBcyEaqeQGGmpyo=
expires: Sat, 23 Mar 2019 00:44:07 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 46 KB
17 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm1&cid=553670133.1553287447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

01230d34c001264b5b6d801d5578914778cc81637fa76a77fd4fe76b0b7c2841

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 17368
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:07 GMT

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/ 44 KB
11 KB 78ms
13ms Script
application/javascript 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Requested by: Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1552920019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29524d2058638455c86eeb2e1e99102f41a9b80aea82e8399d9827600242b825

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4bbb0072e842c2a1-FRA
expires: Sat, 23 Mar 2019 00:44:07 GMT

GET
H2 200 most-widget Show response
www.scmagazine.com/wp-json/haymarket/v1/ 5 KB
2 KB 99ms
98ms XHR
application/json 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-5

Requested by

Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1552920019

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-86-31-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

56b5a5d8fe5b54d0dae838fa7c6c97def4e23787cbbadea45cab15c94ae3264a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /wp-json/haymarket/v1/most-widget?id=most-5
pragma: no-cache
cookie: _ga=GA1.2.553670133.1553287447; _gid=GA1.2.965761810.1553287447
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: default
date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: SHORT
x-cache: HIT: 3
status: 200
x-wpengine-segment: NONHT
vary: Accept-Encoding,Cookie
x-cache-group: normal
access-control-allow-headers: Authorization, Content-Type
wpe-backend: apache
server: nginx
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
x-pass-why

GET
H2 200 sso Show response
www.scmagazine.com/wp-json/haymarket/v1/ 22 B
324 B 245ms
244ms XHR
application/json 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-json/haymarket/v1/sso

Requested by

Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1552920019

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-86-31-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e57f5d34086e3fd304b9e9303033020d7d2e0965e1ef36e5659bb96a20fdfbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /wp-json/haymarket/v1/sso
pragma: no-cache
cookie: _ga=GA1.2.553670133.1553287447; _gid=GA1.2.965761810.1553287447
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: nocachepath
date: Fri, 22 Mar 2019 20:44:07 GMT
x-content-type-options: nosniff
wpe-backend: apache
server: nginx
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
allow: GET
content-type: application/json; charset=UTF-8
status: 200
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type
content-length: 22

GET
H/1.1 200
OK embed.js Show response
scmagazineus.disqus.com/ 65 KB
22 KB 157ms
26ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://scmagazineus.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

47016194347d0caaca6424c88c5d12d1e33ac99c4c20f1f906a24520ea387429

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:07 GMT
Content-Encoding: gzip
Server: openresty
Age: 31
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21723

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 490 B
513 B 49ms
48ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

015b30df447be6dc8721d1339757d63d5d3ea9c319b35e04f08cec289eca6d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 322
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_319.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 42ms
42ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25393
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:07 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 496 B
492 B 56ms
55ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7864dec00a861bce0d6aacaebc427306f00047270cbcb7a7cadb10e6b43eb444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 328
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1289435048&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-thr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_gid=965761810.1553287447&gjid=974319979&_v=j73&z=229217122
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122&slf_rd=1&random=288496988

42 B
109 B

20ms
19ms

Image
image/gif

2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122&slf_rd=1&random=288496988

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1363939079&_v=j73&z=229217122&slf_rd=1&random=288496988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK integrations Show response
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/ 54 B
432 B 493ms
108ms Fetch
application/json 18.235.176.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/integrations
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.176.117 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-235-176-117.compute-1.amazonaws.com
Software: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

Date: Fri, 22 Mar 2019 20:44:07 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 54

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
548 B 172ms
116ms Image
image/gif 13.35.253.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-54.fra6.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-apigw-id: W9hbsFzyIAMFxrQ=
x-amzn-requestid: 3d078168-4ce3-11e9-b9c3-91b4d7295e8e
access-control-allow-methods: *
content-type: image/gif
status: 200
x-amzn-trace-id: Root=1-5c954917-7cf6595bc0978c4947f1801d;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key
content-length: 43
x-amz-cf-id: Tdk_unWcz-1GOD1jGCJAc1yRy-mdbl0wgnG2U2rr8GwU8TqDa5YKVg==

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 11ms
11ms Script
application/javascript 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 20:43:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4bbb00732934c2a1-FRA
expires: Sat, 23 Mar 2019 00:44:07 GMT

GET
H2 200 8 Show response
c.lytics.io/cid/ 77 B
333 B 160ms
160ms Script
text/javascript 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/cid/8?callback=jQuery112409740808255766813_1553287447044&_=1553287447045
Requested by: Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2edf73736dcca6150ee1aadfa652a5e7287baf8a6ad4b3a0b9443ea3bfe11680

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:07 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/javascript
status: 200
content-encoding: br
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007349b9c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 lounge.9974049bf7b0591e5d4f055cb67f3ee3.css
c.disquscdn.com/next/embed/styles/ 103 KB
20 KB 78ms
12ms Stylesheet
text/css 2606:4700::6810:4fa6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.9974049bf7b0591e5d4f055cb67f3ee3.css

Requested by

Host: scmagazineus.disqus.com
URL: https://scmagazineus.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da8673eca8689c04c0f2d5415ec08b7f877d2b06311512f25692e75ff24d1fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4bbb007469fd232a-FRA
status: 200
vary: Accept-Encoding
content-length: 19658
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Mar 2019 21:17:43 GMT
server: cloudflare
cache-control: max-age=31536000, public, immutable, no-transform
etag: "5c7ee777-4cca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
fastly-debug-digest: a803a59379be753079fdb5bf3ee8a04fff6894ff0bb2ed60b8f8b384d1e47c74
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Mar 2020 23:01:11 GMT

GET
H2 200 common.bundle.880980e048a2432334f13013030456ac.js Show response
c.disquscdn.com/next/embed/ 243 KB
81 KB 78ms
13ms Script
application/javascript 2606:4700::6810:4fa6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.880980e048a2432334f13013030456ac.js

Requested by

Host: scmagazineus.disqus.com
URL: https://scmagazineus.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e0dc39f19e2f5c035766778759fd1d349c90208c66607b506aad592fbebac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4bbb007469ff232a-FRA
status: 200
vary: Accept-Encoding
content-length: 82966
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2019 20:05:06 GMT
server: cloudflare
cache-control: max-age=31536000, public, immutable, no-transform
etag: "5c8027f2-14416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
fastly-debug-digest: 9f0f94a9a6d4fa3232045c3cdd41cb592a1cd147b02c9c277c0ab251cd4d2db3
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Mar 2020 21:34:00 GMT

GET
H2 200 lounge.bundle.f71d98f9cdcad4e3f81837ce2794326b.js Show response
c.disquscdn.com/next/embed/ 392 KB
101 KB 83ms
18ms Script
application/javascript 2606:4700::6810:4fa6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.f71d98f9cdcad4e3f81837ce2794326b.js

Requested by

Host: scmagazineus.disqus.com
URL: https://scmagazineus.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8caa1e0c819366876622260f35894f2e893f1ab406ab801d59ff07bd09cc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4bbb007469fe232a-FRA
status: 200
vary: Accept-Encoding
content-length: 103187
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2019 01:08:17 GMT
server: cloudflare
etag: "5c92e401-19313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Mar 2020 19:32:09 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 6 KB
3 KB 56ms
9ms Script
application/javascript 151.101.128.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: scmagazineus.disqus.com
URL: https://scmagazineus.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

65061cb72b3ac17a45d013375cc3a562f58a9359e322f0fc6e0314d1458b6be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 2693
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H2 200 804f8f4c8839cb5905d006fb0040d53b
api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/ Frame EAEF 0
0 181ms
119ms Document
text/html 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/804f8f4c8839cb5905d006fb0040d53b?segments=true&mergestate=true&ts=1553287447740
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io ed86abed38 /
Resource Hash

Request headers

:method: GET
:authority: api.lytics.io
:scheme: https
:path: /api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/804f8f4c8839cb5905d006fb0040d53b?segments=true&mergestate=true&ts=1553287447740
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d70d4df02a753fb4ccd321043491245e71553287447; seerid=804f8f4c8839cb5905d006fb0040d53b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/

Response headers

status: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin
content-encoding: gzip
content-type: text/html
server: lytics.io ed86abed38
date: Fri, 22 Mar 2019 20:44:07 GMT
content-length: 294
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ad.gif
api-54-149-45-227.b2c.com/api/ 43 B
233 B 551ms
172ms Image
image/gif 2600:1f14:e96:5802:1639:b44c:1d24:e6d5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-54-149-45-227.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 200
OK x Show response
api-54-149-45-227.b2c.com/api/ 0
363 B 492ms
166ms XHR
text/plain 2600:1f14:e96:5802:1639:b44c:1d24:e6d5
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-149-45-227.b2c.com/api/x?4J6pIwWU4I0s4R5K$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhyZWUtdS1zLWNvbGxlZ2VzLXNlaXppbmctdGhlLWRhdGEtb24tc3R1ZGVudHMtYXBwbHlpbmctZm9yLWFkbWlzc2lvbi8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNTg1eDEyMDAiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMiR0cnVlIiwiZG9Ob3RUcmFjayQyJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMiQ4IiwibGFuZ3VhZ2UkMiRlbi1VUyIsInBsYXRmb3JtJDIkTGludXggeDg2XzY0IiwicHJvZHVjdCQyJEdlY2tvIiwicHJvZHVjdFN1YiQyJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQyJDEiLCJ1c2VyQWdlbnQkMiRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMiRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQyJCIsImZvbnRyZW5kZXIkNiQxIiwid2ViZ2wkNyRuL2EiLCJ0aW1lJDckMTU1MzI4NzQ0Nzg0OSIsInRpbWV6b25lJDckMCIsInBsdWdpbnMkNyROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ4JDE1LjQwNDM4NCIsIm1lbS11c2VkSlNIZWFwU2l6ZSQ4JDEyLjcyMzA3MiIsIm1lbS1qc0hlYXBTaXplTGltaXQkOCQyMTgxLjAzODA4IiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ4JDEiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ4JDQ4IiwidGltZS1jb25uZWN0U3RhcnQkOCQ0OCIsInRpbWUtY29ubmVjdEVuZCQ4JDI0MiIsInRpbWUtc2VjdXJlQ29ubmVjdGlvblN0YXJ0JDgkMTQzIiwidGltZS1yZXF1ZXN0U3RhcnQkOCQyNDIiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkOCQxMTQ2IiwidGltZS1yZXNwb25zZUVuZCQ4JDExNDciLCJ0aW1lLWRvbUxvYWRpbmckOCQxMTUxIiwidGltZS1kb21JbnRlcmFjdGl2ZSQ4JDE3MzQiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkOCQwIiwibmF2aWdhdGlvbi10eXBlJDgkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTUkMC41NDUiLCJnbG9iYWxzJDE2JGIzOWU2ODliIiwiZG9jdW1lbnQtdGltZSQyNSQwLjg5NSIsImRvY3VtZW50JDI3JDQwM2RiNWM2IiwiY29ubmVjdGlvbiQyNyQiLCJkb3dubGlua01heCQyNyQiLCJnZXRVc2VyTWVkaWEkMjckMiIsImNsb2NrJDM0JDI4MzciLCJiYXR0ZXJ5JDM2JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDUyJDk2ZTE0YmVmIiwic29ydCQ4NSQyOC4zNDU
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:08 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H/1.1 200
OK script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
641 B 463ms
106ms Script
text/javascript 18.213.92.219
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.92.219 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-213-92-219.compute-1.amazonaws.com
Software: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 471ab3b374a8298423c5826ad9fc8f85d6cd2c4b32adf75a6c8c7ec8334ccf26

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Content-Encoding: gzip
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
ETag: "5c954917d322a50001e0f4e6-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 148

GET
H/1.1 200
OK pixel.js Show response
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/ 32 B
456 B 467ms
109ms Script
text/javascript 18.213.92.219
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/pixel.js?pk=feathr
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.92.219 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-213-92-219.compute-1.amazonaws.com
Software: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=14400
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 32

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-...
https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553287448225%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity...
https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-...

0
87 B

170ms
169ms

Script
application/javascript

2620:109:c00c:104::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:109:c00c:104::b93f:9005 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: OT6Jf7RijhWAw64OmisAAA==

Redirect headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-efr5
content-length: 20
x-li-uuid: 0Mu5tKpijhWgG4kPnCsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?time=1553287448225&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 342ms
107ms Image
image/gif 54.87.95.71
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=scmagazine.com&p=%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&u=ChISLfCfYR6qB6nMbE&d=scmagazine.com&g=56851&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2379&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2486&t=B9NpG9D8L8vlgyosIGfMxkD-BTa6&V=111&i=Ransomware%20attack%20targets%20college%20admissions%20data%20%7C%20SC%20Media&tz=0&sn=1&sv=tdkCzy2QoFDgpOtkDEHsDZDTZZx4&sd=1&im=067b2fff&_
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.95.71 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-87-95-71.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

4
api-54-149-45-227.b2c.com/api/
Redirect Chain

https://api-54-149-45-227.b2c.com/api/x?4J6pIwWU4I0s4R5K$ZnJhbWVyYXRlJDMxOCQxMCIsImludGVyc2VjdGlvbi1zaXplJDM0MyQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkMzQzJDB4MCAxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24k...
https://api-54-149-45-227.b2c.com:444/api/4?4J6pIwWU4I0s4R5K

43 B
438 B

710ms
183ms

Other
image/gif

54.149.45.227
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-149-45-227.b2c.com:444/api/4?4J6pIwWU4I0s4R5K
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.45.227 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-149-45-227.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:09 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

Redirect headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://api-54-149-45-227.b2c.com:444/api/4?4J6pIwWU4I0s4R5K
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 98 KB
20 KB 13ms
11ms Script
application/javascript 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 20:43:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4bbb00791ba2c2a1-FRA
expires: Sat, 23 Mar 2019 00:44:08 GMT

GET
H2 200 8514ca3b54284ee6e75983f95ff7262a
c.lytics.io/c/ 35 B
95 B 150ms
148ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?login=false&publicationId=76&channel=home&email=&user_id=&pagetype=post&tags=cyberscurity%2Ccybersecurity%2Cdata%20breaches%2Cnetwork%20security%2Cransomware&categories=security%20news&userstate=&pagename=Ransomware%20attack%20targets%20college%20admissions%20data&author=Robert%20Abel&cpn=&userspecialty=&userprofession=&section=home%3Asecurity%20news%3Aransomware%20attack%20targets%20college%20admissions%20data&_ts=1553287448472&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00791ba6c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 8514ca3b54284ee6e75983f95ff7262a
c.lytics.io/c/ 35 B
106 B 133ms
131ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?_ts=1553287448474&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00791baac2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
95 B 133ms
132ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1553287446946&event=gtm.js&gtm.uniqueEventId=0&_ts=1553287448474&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00791badc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
94 B 119ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.AdBlocking=&_ts=1553287448474&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00792c04c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
94 B 127ms
127ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleId=94297%3A0&_ts=1553287448474&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb0079cdcac2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 124ms
122ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleType=News&_ts=1553287448475&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb0079ee4ec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 120ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.LoggedIn=false&_ts=1553287448475&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb0079ee50c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 124ms
122ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Login=false&_ts=1553287448475&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb0079ee52c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 119ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.MetaData=&_ts=1553287448475&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb0079ee54c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 124ms
123ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.NHTFlag=false&_ts=1553287448475&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007a0e91c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 138ms
138ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Type=post&_ts=1553287448476&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007a9857c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 156ms
155ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.ScrollDepth=&_ts=1553287448476&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007aa8a1c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 120ms
119ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.cmeActivityId=&_ts=1553287448476&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007aa8a5c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 117ms
116ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PrintSource=&_ts=1553287448476&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ab8bec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 119ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.SEOScore=70&_ts=1553287448477&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ab8c1c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 133ms
131ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.Prefix=omn&_ts=1553287448478&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ad91cc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 130ms
126ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SocSSN=&_ts=1553287448478&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007b7b5cc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
116 B 160ms
156ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SSO=0&_ts=1553287448478&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007b7b61c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 124ms
121ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubscriberId=&_ts=1553287448478&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007b7b64c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 167ms
165ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Source=haymarket&_ts=1553287448478&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007b7b67c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 150ms
149ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.PublicationId=76&_ts=1553287448479&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007bac19c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 129ms
129ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Author=Robert%20Abel&_ts=1553287448479&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007bac1ec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 128ms
127ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Profession=&_ts=1553287448479&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c3e1ec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 124ms
124ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Specialty=&_ts=1553287448479&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c4e29c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 115ms
115ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubProfession=&_ts=1553287448479&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c7f03c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 132ms
131ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubSpecialty=&_ts=1553287448480&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c7f15c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 119ms
117ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.JobTitle=&_ts=1553287448480&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c8f60c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 120ms
119ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.PremiumMonograph=&_ts=1553287448480&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007c9f78c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 125ms
124ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.Geolocation=&_ts=1553287448480&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d08b9c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 125ms
124ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CampaignCodes=&_ts=1553287448480&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d08bbc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 119ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Country=&_ts=1553287448481&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d2914c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 122ms
120ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Activity.Name=&_ts=1553287448481&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d498ac2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 126ms
125ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GenericEvents=&_ts=1553287448481&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d4992c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 120ms
119ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.CurrencyCode=&_ts=1553287448481&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007d59b9c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 145ms
143ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.OrderId=&_ts=1553287448481&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ddb31c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 125ms
124ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Drug.CompanyName=&_ts=1553287448482&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ddb33c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 119ms
118ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.IsPremiumMonograph=false&_ts=1553287448482&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007deb8bc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 168ms
165ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GatingType=post%3Anone&_ts=1553287448482&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007e0bf9c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
100 B 119ms
117ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Company=&_ts=1553287448482&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007e1c19c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 120ms
119ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Discipline=&_ts=1553287448482&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007e1c1bc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
165 B 117ms
117ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Asset=&_ts=1553287448483&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007e9d9ec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 138ms
137ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PublishDate=03%2F11%2F2019&_ts=1553287448483&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007eadcac2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
101 B 127ms
126ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Curation=false&_ts=1553287448483&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ebdf4c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 133ms
133ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.WordCount=165&_ts=1553287448483&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ede39c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 126ms
126ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Company=&_ts=1553287448483&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007ede43c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 121ms
120ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CompanySize=&_ts=1553287448484&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007f1f12c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
231 B 116ms
116ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.CreditType=&_ts=1553287448484&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007f5ffac2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 140ms
138ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.ActivityResult=&_ts=1553287448484&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007f98fbc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 128ms
127ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.NumberofAdCalls=11&_ts=1553287448484&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007f98fdc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 123ms
122ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.ProductsInCart=&_ts=1553287448484&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007fa926c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 121ms
120ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section1=home&_ts=1553287448485&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007fb961c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
92 B 120ms
119ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section2=home%3Asecurity%20news&_ts=1553287448485&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb007fea1ec2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
103 B 134ms
133ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section3=home%3Asecurity%20news%3Aransomware%20attack%20targets%20college%20admissions%20data&_ts=1553287448485&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00801a82c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 122ms
121ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section4=&_ts=1553287448485&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00805b3fc2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 130ms
129ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Tags=cyberscurity%2Ccybersecurity%2Cdata%20breaches%2Cnetwork%20security%2Cransomware&_ts=1553287448486&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00806b84c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 192ms
191ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Categories=security%20news&_ts=1553287448486&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00806b87c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/ 35 B
93 B 116ms
116ms Image
image/gif 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1553287447407&event=gtm.js&gtm.uniqueEventId=2&_ts=1553287448486&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&_uid=804f8f4c8839cb5905d006fb0040d53b&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4bbb00806b93c2a1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 804f8f4c8839cb5905d006fb0040d53b Show response
api.lytics.io/api/content/recommend/8514ca3b54284ee6e75983f95ff7262a/user/_uid/ 84 KB
11 KB 722ms
682ms XHR
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/content/recommend/8514ca3b54284ee6e75983f95ff7262a/user/_uid/804f8f4c8839cb5905d006fb0040d53b?limit=30&contentsegment=scm_collection&shuffle=true
Requested by: Host: 3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1552920019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io ed86abed38 /
Resource Hash: d325a923a16286d29f35ded6d128f822899f617cf400601956b8f9d5edcda413

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: gzip
server: lytics.io ed86abed38
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.scmagazine.com
alt-svc: clear
via: 1.1 google

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
3 KB 12ms
12ms Stylesheet
text/css 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 20:43:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4bbb00793c2ac2a1-FRA
expires: Sat, 23 Mar 2019 00:44:08 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/ 376 B
356 B 9ms
9ms Script
application/javascript 2606:4700:20::6819:5465
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4967d03fb66f41ab7a7bef6265dbc532e549d91805ff654f1656bc790b6dcff2

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4bbb0080ac63c2a1-FRA
expires: Sat, 23 Mar 2019 00:44:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 177ms
176ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3854314125481638&correlator=1097992784332304&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062452%2C21062456%2C21063065%2C21063348&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fleaderboard_top&sz=728x90%7C970x250&scp=pos%3Dleaderboard_top&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3DRobert%2520Abel%26postID%3D94297%26env%3Dlive%26sid%3DSecurity_News%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3Dcyberscurity%252CCybersecurity%252CData_Breaches%252CNetwork_Security%252CRansomware%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_072017_priority_2_81_secureworks_15%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D24b2b0020593f14a%3AT%3D1553287447%3AS%3DALNI_MaWjI4UAs6G36aDhcuH5xxdSaXuzA&cookie_enabled=1&bc=15&abxe=1&lmt=1553287448&dt=1553287448528&dlt=1553287446918&idt=433&frm=20&biw=1585&bih=1200&oid=3&adx=193&ady=194&adk=3419787810&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&dssz=67&icsg=738871813865472&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=553670133.1553287447&ga_sid=1553287447&ga_hid=1289435048&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9b918da624a9f1ac4937338123b488a87f744194a17d9bb5bffa039a2b3fbe2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4592
x-xss-protection: 1; mode=block
google-lineitem-id: 133590745
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138265148264
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5c954917d322a50001e0f4e6&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5c954917d322a50001e0f4e6&gdpr=0
https://polo-v1.feathr.co/v1/analytics/match?f_id=5c954917d322a50001e0f4e6&ttd_id=e02c415e-219a-4260-8798-c701a906e29d

43 B
458 B

489ms
107ms

Image
image/gif

18.213.92.219
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polo-v1.feathr.co/v1/analytics/match?f_id=5c954917d322a50001e0f4e6&ttd_id=e02c415e-219a-4260-8798-c701a906e29d
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.92.219 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-213-92-219.compute-1.amazonaws.com
Software: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:09 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 43

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:08 GMT
x-aspnet-version: 4.0.30319
location: https://polo-v1.feathr.co/v1/analytics/match?f_id=5c954917d322a50001e0f4e6&ttd_id=e02c415e-219a-4260-8798-c701a906e29d
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1 200
OK crumb
polo.feathr.co/v1/analytics/ 43 B
458 B 194ms
194ms Image
image/gif 18.213.92.219
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polo.feathr.co/v1/analytics/crumb?cb=1553287448624&a_id=5c2d2a2366bba411c7d26e37&f_id=5c954917d322a50001e0f4e6&ses_id=5c9549171df2376cf4eac64a&flvr=page_view&loc_url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.92.219 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-213-92-219.compute-1.amazonaws.com
Software: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:09 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 43

POST
H/1.1 200
OK x
api-54-149-45-227.b2c.com/api/ 0
363 B 173ms
172ms Other
text/plain 2600:1f14:e96:5802:1639:b44c:1d24:e6d5
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-149-45-227.b2c.com/api/x?4J6pIwWU4I0s4R5K$YWRibG9jayQ1ODkkMA
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:09 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 1B03 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B03 79 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553253327984164"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29871
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:08 GMT

GET
H2 200 init-140r6opg3f7b3b5fypx.js Show response
api.b2c.com/api/ Frame 1B03 12 KB
5 KB 169ms
167ms Script
text/javascript 2600:1f14:e96:5800:5571:ae82:1dfd:9bde
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21776212704&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138265148264&sid=Security_News
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:5571:ae82:1dfd:9bde , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 4e77140b8c972fbef43ae7e06485040f0a70246532739e98a8277bc2373f7146

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
H2 200 9114999926211450122
tpc.googlesyndication.com/simgad/ Frame 1B03 45 KB
45 KB 11ms
11ms Image
image/gif 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9114999926211450122

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f1d70809c8ac5942aa10f19fac6c7e9df3fc62629e99243659f9f851204da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 16:06:24 GMT
x-content-type-options: nosniff
age: 16664
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 45864
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2019 15:59:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Mar 2020 16:06:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
486 B 60ms
59ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3854314125481638&correlator=1097992784332304&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062452%2C21062456%2C21063065%2C21063348&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fleaderboard_bottom&sz=728x90%7C970x250&scp=pos%3Dleaderboard_bottom%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3DRobert%2520Abel%26postID%3D94297%26env%3Dlive%26sid%3DSecurity_News%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3Dcyberscurity%252CCybersecurity%252CData_Breaches%252CNetwork_Security%252CRansomware%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_072017_priority_2_81_secureworks_15%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D24b2b0020593f14a%3AT%3D1553287447%3AS%3DALNI_MaWjI4UAs6G36aDhcuH5xxdSaXuzA&cookie_enabled=1&bc=15&abxe=1&lmt=1553287448&dt=1553287448728&dlt=1553287446918&idt=433&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2144&adk=61858915&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&dssz=66&icsg=738871813865472&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&psts=CjcI2d3ZP-gB6Pb6iYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYAC4MXaj1HRAjxnlpjeeh7S&ga_vid=553670133.1553287447&ga_sid=1553287447&ga_hid=1289435048&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a7fcb8d67ebde90b461152d3446e816f072202a816394cac5bcd768e745ef0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 207
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3da096eadec42f2ee70ba0d51e8a54704543b5b67a957732d8c244cd90b731ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553253327984164"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29012
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B03 0
52 B 20ms
20ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKDDDhUvNo2evZHQk9eVrTkwMssJJBDkCQw5pjlZHFa-aNnkrEck0FQnhCtPXjGH8m-HKg3Kvm6jFXJDk20YxNHoLBq6CYPQAtGqwdVLKqPgLxbKdvVSgO9IHYgatLUzN6kl2wgdWpNiZ5_V-k2CU_6LSsxO6o6zoeg56mTbhHYfHQZkGJoMZyGCnPdrjlBTHE_8R3N_NQblwGD0WwZD1PZturmVEFfwnr_nh-NVLasoBtsdp1U9mKHA-loukHIAm2dAX43chfZlY_YT_GAW3GYjKw4nd0cLVx&sai=AMfl-YRg24pn0W5KrFwO0FWTU9tfe0AysDpFV2snQ50r2nRiqWKcfLbyfbCpB7Puras_8xcYMFLlRXjDBtK-qXhw-hFSE6MP0HgOW_nbV9Tt&sig=Cg0ArKJSzJH6s1wSTDnuEAE&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 1B03 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 481185a77675bddcb1ad4717ef0f12794355fb7001ca30896bc76bed3e7900d7

Request headers

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 149ms
148ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3854314125481638&correlator=1097992784332304&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21062452%2C21062456%2C21063065%2C21063348&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fbox_1&sz=300x250%7C300x600%7C300x1050&scp=pos%3Dbox_1%26lid%3D133590745%2Cnull&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3DRobert%2520Abel%26postID%3D94297%26env%3Dlive%26sid%3DSecurity_News%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3Dcyberscurity%252CCybersecurity%252CData_Breaches%252CNetwork_Security%252CRansomware%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_072017_priority_2_81_secureworks_15%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D24b2b0020593f14a%3AT%3D1553287447%3AS%3DALNI_MaWjI4UAs6G36aDhcuH5xxdSaXuzA&cookie_enabled=1&bc=15&abxe=1&lmt=1553287448&dt=1553287448803&dlt=1553287446918&idt=433&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=359&adk=571377879&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&dssz=67&icsg=738871813865472&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&psts=CjcI2d3ZP-gB6Pb6iYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYAC4MXaj1HRAjxnlpjeeh7S&ga_vid=553670133.1553287447&ga_sid=1553287447&ga_hid=1289435048&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

2a2662269dcff61677f3cff8aca472a6b6969e6e749200c77b123373f15491af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4664
x-xss-protection: 1; mode=block
google-lineitem-id: 133590745
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256839584
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 1781 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1781 79 KB
0 42ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553253327984164"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29871
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:08 GMT

GET
H2 200 init-140r6opg3f7b3b5fypx.js Show response
api.b2c.com/api/ Frame 1781 12 KB
5 KB 167ms
167ms Script
text/javascript 2600:1f14:e96:5800:5571:ae82:1dfd:9bde
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21776033306&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138256839584&sid=Security_News
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:5571:ae82:1dfd:9bde , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: c3de201eaab78b314512dcb695b7dde49e6e0938387331f56109449795a66f06

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
DATA 200
OK truncated
/ Frame 1781 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b364e06239be7ab49c269bb58c15cee38deeaf5b4c032f3bae5b652c4aa497bc

Request headers

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
5 KB 242ms
241ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3854314125481638&correlator=1097992784332304&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21062452%2C21062456%2C21063065%2C21063348&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fbox_2&sz=300x250%7C300x600&scp=pos%3Dbox_2%26lid%3D133590745%2Cnull&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3DRobert%2520Abel%26postID%3D94297%26env%3Dlive%26sid%3DSecurity_News%26search%3Dfalse%26log%3D0%26styleid%3D%26cat%3Dcyberscurity%252CCybersecurity%252CData_Breaches%252CNetwork_Security%252CRansomware%26browser%3DChrome%252067%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_072017_priority_2_81_secureworks_15%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D24b2b0020593f14a%3AT%3D1553287447%3AS%3DALNI_MaWjI4UAs6G36aDhcuH5xxdSaXuzA&cookie_enabled=1&bc=15&abxe=1&lmt=1553287448&dt=1553287448984&dlt=1553287446918&idt=433&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=1229&adk=3523753414&uci=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&dssz=67&icsg=738871813865472&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&psts=CjcI2d3ZP-gBoOf_hYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYACmszPj1HRAlb-zmDQHTat%2CCjcI2d3ZP-gB6Pb6iYMEgAKxuYAPgAKB3_ohgAL53_ohgALaxdqPUYAC4MXaj1HRAjxnlpjeeh7S&ga_vid=553670133.1553287447&ga_sid=1553287447&ga_hid=1289435048&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

679c120eb9d79cdeff370642128f691808c340d75f240c63a45313a2711aa71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4771
x-xss-protection: 1; mode=block
google-lineitem-id: 133590745
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138265445734
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1781 0
61 B 19ms
18ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwFLXsC9NBvohTZ2egIDWZDUQV5UwrSwdjThMmsrjxhorIAOoFJHIty0G1EYYZszL4hcsjqyq7lbx0h0G_1S3TWuiPykgh9OPZ2uqx6YSOy85Dq0Z9teuqzuGzpvgM_Zn8UjxY9t39zTVwj9beVGMJBW2w-EyFqt_2Ki9k6wNq2MV8anjywGmKGjfOXeggGE8nXQ3s7hb-aP1CkAJbo9v-b8l6B1sTu8QM8nTsKVHzgBVmAtYfIysG7a3GhWMT0whMrtWa_mleWPcuEGf27Oo&sai=AMfl-YSn3iEXQITT8HZfg1EhLiwdOKbii9Jirb3GFfiBTVyHNqLTmeaxO6y3YbBNtSuPY3jZkhBbSeVYHI1bfZfMCo2M2h-116eDFoWnxjLsxPzigNPAsuYTWUmxP2E&sig=Cg0ArKJSzOiRiiKW_NcIEAE&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 1965222455588632000
tpc.googlesyndication.com/simgad/ Frame 1781 104 KB
104 KB 9ms
8ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1965222455588632000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f006d9bc740395b50e860b9b0233e701b7ef3567168e41b6e592046b9e326b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:44:08 GMT
x-content-type-options: nosniff
age: 1184401
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 106537
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jan 2019 18:13:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:44:08 GMT

GET
H2 200 phishingemail57027286_726359.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 114 KB
114 KB 99ms
98ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/phishingemail57027286_726359.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8277046b4728151496f534a8ff54ea92aacacafe874e71ff403d4c698c4bfb1a

Request headers

:path: /wp-content/uploads/sites/4/2018/07/phishingemail57027286_726359.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-1c7d6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 116694
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 productlogoheader_1369545-1.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/08/ 160 KB
160 KB 275ms
274ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/08/productlogoheader_1369545-1.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e01a44849121561b1849048879e056fbe612132e104edbabef256aaa926c6dde

Request headers

:path: /wp-content/uploads/sites/4/2018/08/productlogoheader_1369545-1.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-27ffe"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 163838
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 ciscotransresized_1354938.png
www.scmagazine.com/wp-content/uploads/sites/4/2018/08/ 3 KB
3 KB 272ms
271ms Image
image/png 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/08/ciscotransresized_1354938.png
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fd220ed35b72aa7713de3e7ba9cf988681531888e86d4a4d0b585def878cab32

Request headers

:path: /wp-content/uploads/sites/4/2018/08/ciscotransresized_1354938.png
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-c19"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 3097
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 PRIVACY-Predictions-banner.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/12/ 440 KB
441 KB 98ms
98ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/12/PRIVACY-Predictions-banner.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8eee3a6be61979cc46f626f7d79a0ee490a025dbef0d923da6a946ed27e231b2

Request headers

:path: /wp-content/uploads/sites/4/2018/12/PRIVACY-Predictions-banner.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-6e1bf"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 451007
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 ransomware2_1308382-2.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/08/ 144 KB
144 KB 157ms
157ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/08/ransomware2_1308382-2.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 32ca65dd304efa5241cd5eefcc2ed9be6f897a390934a232bcfffcbf0f108c02

Request headers

:path: /wp-content/uploads/sites/4/2018/08/ransomware2_1308382-2.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-24009"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 147465
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 0408-retail-intro_14671.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 611 KB
612 KB 132ms
131ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/0408-retail-intro_14671.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f2e39668a20d08f09afdc26d253f407b640ef7456a89cfd163015066d871fcc8

Request headers

:path: /wp-content/uploads/sites/4/2018/07/0408-retail-intro_14671.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-98aa3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 625315
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 Arkansas.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/11/ 254 KB
254 KB 197ms
196ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/11/Arkansas.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4946bb242473afbd7b41036315cd3c04c26425a28d15b81fcb6aecc4e6752395

Request headers

:path: /wp-content/uploads/sites/4/2018/11/Arkansas.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-3f7a0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 260000
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 supply-and-demand-small.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/12/ 1023 KB
1 MB 201ms
200ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/12/supply-and-demand-small.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 055c9988ca77473a45a5ec6c5eae495120bcb612b32359a1faafa0c772dc1a95

Request headers

:path: /wp-content/uploads/sites/4/2018/12/supply-and-demand-small.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-ffa82"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 1047170
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 oct-is-ncsam-twitter-v1.png
www.scmagazine.com/wp-content/uploads/sites/4/2018/10/ 761 KB
762 KB 287ms
286ms Image
image/png 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/10/oct-is-ncsam-twitter-v1.png
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca8396fc329ad8381d48ca97e0d132e89928b56c18bc0ecd670657c4d63501e4

Request headers

:path: /wp-content/uploads/sites/4/2018/10/oct-is-ncsam-twitter-v1.png
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-be3b5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 779189
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 telegrammessageapp875461_1028794-2.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 8 KB
9 KB 212ms
212ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/telegrammessageapp875461_1028794-2.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 07ceab98ce05a7204150adb5f25a841f6732ef283907d746a8e4f416daeb53b0

Request headers

:path: /wp-content/uploads/sites/4/2018/07/telegrammessageapp875461_1028794-2.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-2124"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 8484
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 stu1-1.png
www.scmagazine.com/wp-content/uploads/sites/4/2018/10/ 33 KB
33 KB 210ms
209ms Image
image/png 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/10/stu1-1.png
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4400ba12fc49a86640974d46d2476c8ffc2ebff620b8b1d2cf72d49bc69bc6aa

Request headers

:path: /wp-content/uploads/sites/4/2018/10/stu1-1.png
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:09 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-838d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 33677
expires: Sun, 21 Apr 2019 20:44:09 GMT

GET
H2 200 Maine.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/10/ 346 KB
347 KB 114ms
113ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/10/Maine.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d0e369c8ddf204cd59396e1f15945d6f892d43091bf559a5df8a724756e6c50e

Request headers

:path: /wp-content/uploads/sites/4/2018/10/Maine.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-5680b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 354315
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 puush1_751914-9.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 112 KB
112 KB 118ms
117ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/puush1_751914-9.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5defe440039097d869dcc438d41487a045c28b9695c9220caa16a2e7009902fb

Request headers

:path: /wp-content/uploads/sites/4/2018/07/puush1_751914-9.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-1beff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 114431
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 Ryuk.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2019/01/ 168 KB
168 KB 102ms
101ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2019/01/Ryuk.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9ef5ebba3888de791beb4d7ac5614664381af2b8f75570b125c16d6d622ef5d8

Request headers

:path: /wp-content/uploads/sites/4/2019/01/Ryuk.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-29e79"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 171641
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 DarthMiner.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/12/ 202 KB
203 KB 102ms
99ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/12/DarthMiner.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1c8b0c7d14c16cdcc09362272ab07ca73a0e2cbafd5f3c6611dae16b5299f1d8

Request headers

:path: /wp-content/uploads/sites/4/2018/12/DarthMiner.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-329ea"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 207338
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 bitcoinwallet2_1353503.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 92 KB
92 KB 107ms
105ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/bitcoinwallet2_1353503.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 407348148e099c694fe66b76e2bb1db76f99be8bdcd2cb4b24f8ec8e0fa2b3c7

Request headers

:path: /wp-content/uploads/sites/4/2018/07/bitcoinwallet2_1353503.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-16fda"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 94170
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 Opinion_TomLe.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/10/ 128 KB
129 KB 103ms
102ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/10/Opinion_TomLe.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 597e196bad54cb188ed7745af600a1ebdc56667f4757ddab2f2efa0bbab7b55d

Request headers

:path: /wp-content/uploads/sites/4/2018/10/Opinion_TomLe.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-201a2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 131490
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 executivesconcerned2_713674.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 21 KB
21 KB 102ms
101ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/executivesconcerned2_713674.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 535edbf8f46eb2a14ff21a4806bdc5e7c34b94e4986fb1b9d2e34a91c5c80827

Request headers

:path: /wp-content/uploads/sites/4/2018/07/executivesconcerned2_713674.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-539b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 21403
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 413pxandroidupdatescreen_846374-11.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 20 KB
20 KB 99ms
99ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/413pxandroidupdatescreen_846374-11.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 323b5839559581754a7eec71a8041919b64b1edad7f5c8b81a87499a37f15080

Request headers

:path: /wp-content/uploads/sites/4/2018/07/413pxandroidupdatescreen_846374-11.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-4f1b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 20251
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 iotskyline1246105_1425159.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 31 KB
31 KB 104ms
100ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/iotskyline1246105_1425159.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 93cb16ef79a563db85c96612f655f1068af4791a2cfbd7775532037d38e72e2d

Request headers

:path: /wp-content/uploads/sites/4/2018/07/iotskyline1246105_1425159.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-7b6b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 31595
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 phishingemail5_702728.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 114 KB
114 KB 105ms
102ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/phishingemail5_702728.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8277046b4728151496f534a8ff54ea92aacacafe874e71ff403d4c698c4bfb1a

Request headers

:path: /wp-content/uploads/sites/4/2018/07/phishingemail5_702728.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-1c7d6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 116694
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 malicious5_754976-26.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 60 KB
60 KB 106ms
105ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/malicious5_754976-26.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fad32328a0e104c32e5f61eafb03e0518eded7af80a321ff9eae78250cabf83a

Request headers

:path: /wp-content/uploads/sites/4/2018/07/malicious5_754976-26.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-f022"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 61474
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 cc0008254_693831.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 123 KB
123 KB 104ms
104ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/cc0008254_693831.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41a1b87a4754b4b1ac551edf5c52c6f4b67fac2bb2f06fbe9000b4355eb20a90

Request headers

:path: /wp-content/uploads/sites/4/2018/07/cc0008254_693831.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-1eabf"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 125631
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 paypal1_640986.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 48 KB
48 KB 107ms
107ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/paypal1_640986.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 049d45f8c718790a6a447170a8856d704cb933a412669360465b1593ede4d359

Request headers

:path: /wp-content/uploads/sites/4/2018/07/paypal1_640986.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-c084"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 49284
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 sunglasses303327960720_990244-1.png
www.scmagazine.com/wp-content/uploads/sites/4/2018/07/ 41 KB
41 KB 104ms
102ms Image
image/png 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/07/sunglasses303327960720_990244-1.png
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 75328623300d84bcb66d60f7458cd10cba5f07122e9b1c24a4c1dc8466af0851

Request headers

:path: /wp-content/uploads/sites/4/2018/07/sunglasses303327960720_990244-1.png
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-a38e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 41870
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 Algosec-1.jpg
www.scmagazine.com/wp-content/uploads/sites/4/2018/10/ 459 KB
460 KB 99ms
99ms Image
image/jpeg 54.86.31.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scmagazine.com/wp-content/uploads/sites/4/2018/10/Algosec-1.jpg
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.86.31.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-31-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2e42416a784ea322e462ecc0085a86013315dce1f3a7808c8ada6f5b1656682c

Request headers

:path: /wp-content/uploads/sites/4/2018/10/Algosec-1.jpg
pragma: no-cache
cookie: ly_segs=%7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D; PathforaPageView=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.scmagazine.com
referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
:scheme: https
:method: GET
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: largefs
date: Fri, 22 Mar 2019 20:44:10 GMT
last-modified: Sun, 29 May 2016 00:00:00 GMT
server: nginx
status: 200
etag: "574a3100-72ddd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=2592000
accept-ranges: bytes
content-length: 470493
expires: Sun, 21 Apr 2019 20:44:10 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 32E4 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32E4 79 KB
0 42ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 22 Mar 2019 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553253327984164"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29871
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 20:44:08 GMT

GET
H2 200 init-140r6opg3f7b3b5fypx.js Show response
api.b2c.com/api/ Frame 32E4 12 KB
5 KB 170ms
170ms Script
text/javascript 2600:1f14:e96:5800:5571:ae82:1dfd:9bde
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21776212701&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138265445734&sid=Security_News
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:5571:ae82:1dfd:9bde , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 578cfa2653e37fa6d738bf5fb6154b629597df0aac751646473e4fbc3f7ca744

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:09 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
DATA 200
OK truncated
/ Frame 32E4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68382e178940abb38a2292d45ab9353520429bdee730070cf01c31341f206dcf

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 32E4 0
61 B 21ms
21ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcUTnGnBdoU3Z6lYm_h5g-KV4_kyViQ6vjzCtRMOK35FljE9Y8TafBJLhRTg6Yq1nyx6t6YufOWYKuTguEgpCrlfG4QGgFeYqGbhIOBdmIC4ClDt4CrgkiRvDP0wpfzcKgnPm3GL9cd5QDEAy3XUww5VKnEHG0j70ufto46HrZFLhw2zeViB8naz-k5-9d4OkbrXt8-4N4AUQ5tA8OOYZDq4Rwto1ltF8SOuCiwMQr7QPO-ekwhoWJKfI9GvxbjS-1ae7_D7CVowuLDEEBXwI&sai=AMfl-YR_ki5XeZEkerPnQvLFX3qhzz6XfJR20l4CUCz2RDCA_Z32-Od2yKUL6LJVDorHihwaIEYOJGRjuht3nYoEVpv_teFIgmDhDyVmO1zdMYyXTgs2O4Mw3psVtD4&sig=Cg0ArKJSzPIaVrRXJockEAE&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 20:44:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 8790994904754568457
tpc.googlesyndication.com/simgad/ Frame 32E4 36 KB
36 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8790994904754568457

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f78a10cfffe095c1c649948bdc73c4fcb44f54d7648c592b814090a9ce8afce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 16:06:26 GMT
x-content-type-options: nosniff
age: 16663
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 37120
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2019 15:59:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Mar 2020 16:06:26 GMT

GET
H/1.1 200
OK ad.gif
api-54-149-45-227.b2c.com/api/ Frame 1B03 43 B
0 551ms
172ms Image
image/gif 2600:1f14:e96:5802:1639:b44c:1d24:e6d5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-54-149-45-227.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Response headers

Date: Fri, 22 Mar 2019 20:44:08 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ad.gif
api-54-203-218-248.b2c.com/api/ Frame 1781 43 B
233 B 488ms
162ms Image
image/gif 2600:1f14:e96:5802:37f7:83d2:84d:39a7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-54-203-218-248.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:37f7:83d2:84d:39a7 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

302
Moved Temporarily

4 Show response
api-54-149-45-227.b2c.com/api/ Frame 1B03
Redirect Chain

https://api-54-149-45-227.b2c.com/api/x?qSCLT0Ctu5j4vFqY$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhy...
https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY

0
-1 B

166ms
165ms

XHR
text/html

2600:1f14:e96:5802:1639:b44c:1d24:e6d5
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:1639:b44c:1d24:e6d5 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:09 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

Redirect headers

Date: Fri, 22 Mar 2019 20:44:09 GMT
Server: openresty
Location: https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
H/1.1

302
Moved Temporarily

4 Show response
api-54-203-218-248.b2c.com/api/ Frame 1781
Redirect Chain

https://api-54-203-218-248.b2c.com/api/x?AmUegcyuaHFW11T1$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGh...
https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1

0
-1 B

513ms
165ms

XHR
text/html

2600:1f14:e96:5802:37f7:83d2:84d:39a7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:37f7:83d2:84d:39a7 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

Redirect headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Location: https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
H/1.1 200
OK 4 Show response
api-54-149-45-227.b2c.com/api/ Frame 1B03 43 B
438 B 715ms
178ms XHR
image/gif 54.149.45.227
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-149-45-227.b2c.com:444/api/4?qSCLT0Ctu5j4vFqY
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.45.227 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-149-45-227.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: null

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK ad.gif
api-34-219-6-126.b2c.com/api/ Frame 32E4 43 B
233 B 546ms
170ms Image
image/gif 2600:1f14:e96:5800:7c5b:c788:a470:3ccb
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-219-6-126.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:7c5b:c788:a470:3ccb , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

302
Moved Temporarily

4 Show response
api-34-219-6-126.b2c.com/api/ Frame 32E4
Redirect Chain

https://api-34-219-6-126.b2c.com/api/x?NTR2HGzaDKJh7yQE$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3RocmVhdC1hY3RvcnMtbGF1bmNoZWQtcmFuc29td2FyZS1hdHRhY2tzLWFnYWluc3QtdGhyZ...
https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE

0
-1 B

508ms
174ms

XHR
text/html

2600:1f14:e96:5800:7c5b:c788:a470:3ccb
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:7c5b:c788:a470:3ccb , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

Redirect headers

Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Location: https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
H/1.1 200
OK 4 Show response
api-54-203-218-248.b2c.com/api/ Frame 1781 43 B
438 B 669ms
167ms XHR
image/gif 54.203.218.248
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-203-218-248.b2c.com:444/api/4?AmUegcyuaHFW11T1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.218.248 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-203-218-248.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: null

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1781 42 B
122 B 26ms
25ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTVxQlOcRux71Ioxn6VfH33tx2A2j2n_jcRk0HnShf6GQdXb6TX1kyaCmNY0D0FBWDLxvfrPpaosrltYXbDAfiW7O3NfJXXxbM3wE&sig=Cg0ArKJSzIWa3WMmpwNqEAE&adk=571377879&tt=-1&bs=1585%2C1200&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&p=359,1053,609,1353&cm=1&mcvt=1051&rs=0&ht=0&tfs=417&tls=1468&mc=1&lte=1&bas=0&bac=0&avms=geo&lm=2&xdi=0&ps=1585%2C2837&ss=1600%2C1200&pt=-1&deb=1-0-0-4-11-6-10-10&tvt=1463&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=6&clc=1&cac=0&cd=300x250&v=20190322

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK x
api-54-203-218-248.b2c.com/api/ Frame 1781 0
363 B 163ms
162ms Other
text/plain 2600:1f14:e96:5802:37f7:83d2:84d:39a7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-203-218-248.b2c.com/api/x?AmUegcyuaHFW11T1$YWRibG9jayQ3OTYkMA
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5802:37f7:83d2:84d:39a7 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1289435048&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-t...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_gid=1430259283.1553287451&gjid=1769866783&_v=j73&z=715240304
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304&slf_rd=1&random=4054345936

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304&slf_rd=1&random=4054345936

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=553670133.1553287447&jid=1069147250&_v=j73&z=715240304&slf_rd=1&random=4054345936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
104 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=1289435048&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&ul=en-us&de=UTF-8&dt=Ransomware%20attack%20targets%20college%20admissions%20data%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fthreat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission%2F&el=25%25&ev=25&_u=6GjAAAADQ~&jid=&gjid=&cid=553670133.1553287447&tid=UA-1290429-10&_gid=1430259283.1553287451&gtm=2wg3b2W475TQW&z=223707955

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2019 02:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1100959
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B03 42 B
122 B 26ms
25ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6slDlEy047O9KjJQwa0tHH-R6Wzrd3JQlaF-lj2U_ohv1Ee286jKFP5tm4D9qEtEJmqDNsL3AGlh7r2ZAkTs6OH41EqISeahYrcM&sig=Cg0ArKJSzCMEBCM7WzN7EAE&adk=3419787810&tt=-1&bs=1585%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=194,429,284,1157&mcvt=1074&rs=3&ht=0&tfs=116&tls=1190&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553287448731&rpt=654&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C2837&ss=1600%2C1200&pt=-1&deb=1-3-3-10-13-17-41-11&tvt=1180&r=v&id=osdim&vs=4&uc=13&upc=11&tgt=DIV&cl=1&cec=6&clc=1&cac=0&cd=728x90&v=20190322

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 20:44:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK x
api-34-219-6-126.b2c.com/api/ Frame 32E4 0
363 B 172ms
171ms Other
text/plain 2600:1f14:e96:5800:7c5b:c788:a470:3ccb
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-219-6-126.b2c.com/api/x?NTR2HGzaDKJh7yQE$YWRibG9jayQ1NjUkMA
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:7c5b:c788:a470:3ccb , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:10 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H/1.1 200
OK 4 Show response
api-34-219-6-126.b2c.com/api/ Frame 32E4 43 B
438 B 699ms
177ms XHR
image/gif 34.219.6.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-219-6-126.b2c.com:444/api/4?NTR2HGzaDKJh7yQE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.219.6.126 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-219-6-126.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.scmagazine.com/home/security-news/threat-actors-launched-ransomware-attacks-against-three-u-s-colleges-seizing-the-data-on-students-applying-for-admission/
Origin: null

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 20:44:11 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.scmagazine.com/	1970-01-19 08:13:43	Name: PathforaPageView Value: 1
			www.scmagazine.com/	1970-01-18 23:28:08	Name: ly_segs Value: %7B%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%3A%22sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%22%2C%22sc_module_74_103017_priority_2_threat_management_eb%22%3A%22sc_module_74_103017_priority_2_threat_management_eb%22%2C%22sc_module_56_092717_priority_3_threat_management_eb%22%3A%22sc_module_56_092717_priority_3_threat_management_eb%22%2C%22sc_module_090717_priority_2_surviving_ransomware_41%22%3A%22sc_module_090717_priority_2_surviving_ransomware_41%22%2C%22sc_module_081717_priority_3_surviving_ransomware_28%22%3A%22sc_module_081717_priority_3_surviving_ransomware_28%22%2C%22sc_module_21_073117_priority_2_817_thycotic%22%3A%22sc_module_21_073117_priority_2_817_thycotic%22%2C%22sc_module_072017_priority_2_81_secureworks_15%22%3A%22sc_module_072017_priority_2_81_secureworks_15%22%2C%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%3A%22sc_module_063017_priority_3_sc_reboot_17_industry_innovators%22%2C%22ce_unknown_1000plus%22%3A%22ce_unknown_1000plus%22%2C%22ly_uses_desktop%22%3A%22ly_uses_desktop%22%2C%22ly_international_visitor%22%3A%22ly_international_visitor%22%2C%22ly_repeat_visitor%22%3A%22ly_repeat_visitor%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_reporting_last_visit_within_3_months%22%3A%22ly_reporting_last_visit_within_3_months%22%2C%22ly_reporting_last_visit_within_month%22%3A%22ly_reporting_last_visit_within_month%22%2C%22ly_reporting_last_visit_within_week%22%3A%22ly_reporting_last_visit_within_week%22%2C%22ly_reporting_last_visit_within_day%22%3A%22ly_reporting_last_visit_within_day%22%2C%22ly_reporting_multi_session_visitor%22%3A%22ly_reporting_multi_session_visitor%22%2C%22ly_reporting_has_visited_web%22%3A%22ly_reporting_has_visited_web%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%2C%22ce_no_usa%22%3A%22ce_no_usa%22%2C%22module_115_022818_priority_2_sc_paid_subscription%22%3A%22module_115_022818_priority_2_sc_paid_subscription%22%7D

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	(Line 6) Message: checkForCPNSegments(module_115_022818_priority_2_sc_paid_subscription)
console-api	log	(Line 6) Message: checkForCPNSegments(ce_no_usa)
console-api	log	(Line 8) Message: logit -all
console-api	log	(Line 6) Message: checkForCPNSegments(all)
console-api	log	(Line 6) Message: checkForCPNSegments(smt_new)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_has_visited_web)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_multi_session_visitor)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_last_visit_within_day)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_last_visit_within_week)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_last_visit_within_month)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_reporting_last_visit_within_3_months)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_unknown_email)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_repeat_visitor)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_international_visitor)
console-api	log	(Line 6) Message: checkForCPNSegments(ly_uses_desktop)
console-api	log	(Line 6) Message: checkForCPNSegments(ce_unknown_1000plus)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_063017_priority_3_sc_reboot_17_industry_innovators)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_072017_priority_2_81_secureworks_15)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_21_073117_priority_2_817_thycotic)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_081717_priority_3_surviving_ransomware_28)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_090717_priority_2_surviving_ransomware_41)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_56_092717_priority_3_threat_management_eb)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_74_103017_priority_2_threat_management_eb)
console-api	log	(Line 6) Message: checkForCPNSegments(sc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86)
console-api	log	(Line 5) Message: OK
console-api	log	URL: https://3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1552920019(Line 1) Message: [ABD] exiting test loop - value: false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3erczm2x84t2p8xnj226kmxx-wpengine.netdna-ssl.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
api-34-219-6-126.b2c.com
api-54-149-45-227.b2c.com
api-54-203-218-248.b2c.com
api.b2c.com
api.lytics.io
c.disquscdn.com
c.lytics.io
cdn.feathr.co
content.maropost.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
marco.feathr.co
match.adsrvr.org
pagead2.googlesyndication.com
ping.chartbeat.net
polo-v1.feathr.co
polo.feathr.co
px.ads.linkedin.com
s3.amazonaws.com
scmagazineus.disqus.com
script.crazyegg.com
securepubads.g.doubleclick.net
snap.licdn.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.scmagazine.com
13.35.253.54
151.101.120.134
151.101.128.134
172.217.16.130
18.213.92.219
18.235.176.117
204.2.197.202
2600:1f14:e96:5800:5571:ae82:1dfd:9bde
2600:1f14:e96:5800:7c5b:c788:a470:3ccb
2600:1f14:e96:5802:1639:b44c:1d24:e6d5
2600:1f14:e96:5802:37f7:83d2:84d:39a7
2600:9000:2043:5200:18:1fcd:348:2461
2600:9000:2043:b400:1b:fadc:b780:93a1
2606:4700:20::6819:5465
2606:4700:20::6819:f763
2606:4700::6810:4fa6
2606:4700::6813:9308
2620:109:c00c:104::b93f:9005
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:820::2001
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c08::9b
2a02:26f0:6c00:296::25ea
2a05:f500:10:101::b93f:9101
34.219.6.126
35.227.192.113
38.126.130.202
52.216.81.19
52.48.132.12
54.149.45.227
54.203.218.248
54.86.31.50
54.87.95.71
94.31.29.64
01230d34c001264b5b6d801d5578914778cc81637fa76a77fd4fe76b0b7c2841
015b30df447be6dc8721d1339757d63d5d3ea9c319b35e04f08cec289eca6d8a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049d45f8c718790a6a447170a8856d704cb933a412669360465b1593ede4d359
055c9988ca77473a45a5ec6c5eae495120bcb612b32359a1faafa0c772dc1a95
07ceab98ce05a7204150adb5f25a841f6732ef283907d746a8e4f416daeb53b0
0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a
0f7f1d70809c8ac5942aa10f19fac6c7e9df3fc62629e99243659f9f851204da
155ef7601d4af029d8b6f3efa4ed4984748ea0a36c85f038f129ffdc6fb83b66
1c8b0c7d14c16cdcc09362272ab07ca73a0e2cbafd5f3c6611dae16b5299f1d8
1d90939dba16916ae487a09245dfb95ea74654b16d67d90e2621e3ac0be0cef0
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00
29524d2058638455c86eeb2e1e99102f41a9b80aea82e8399d9827600242b825
2a2662269dcff61677f3cff8aca472a6b6969e6e749200c77b123373f15491af
2b63a484e50b0887ede8571126709a164efc6d3647d5982fb520098be0b6a888
2e42416a784ea322e462ecc0085a86013315dce1f3a7808c8ada6f5b1656682c
2edf73736dcca6150ee1aadfa652a5e7287baf8a6ad4b3a0b9443ea3bfe11680
323b5839559581754a7eec71a8041919b64b1edad7f5c8b81a87499a37f15080
32ca65dd304efa5241cd5eefcc2ed9be6f897a390934a232bcfffcbf0f108c02
33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3631acd19af105b058f0de1448fff182c213d91cd8b805c7f03a2f780516c463
3da096eadec42f2ee70ba0d51e8a54704543b5b67a957732d8c244cd90b731ab
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
407348148e099c694fe66b76e2bb1db76f99be8bdcd2cb4b24f8ec8e0fa2b3c7
411b7cab5d697d74a54049a75a737b641bb26d9379f2715b8fa6fbc2eb0fa317
41a1b87a4754b4b1ac551edf5c52c6f4b67fac2bb2f06fbe9000b4355eb20a90
4400ba12fc49a86640974d46d2476c8ffc2ebff620b8b1d2cf72d49bc69bc6aa
4456ccbba2c0f4a6db157881abc08815c353e64d10ea43ccc26bd8ee8cf24d8a
47016194347d0caaca6424c88c5d12d1e33ac99c4c20f1f906a24520ea387429
471ab3b374a8298423c5826ad9fc8f85d6cd2c4b32adf75a6c8c7ec8334ccf26
481185a77675bddcb1ad4717ef0f12794355fb7001ca30896bc76bed3e7900d7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4946bb242473afbd7b41036315cd3c04c26425a28d15b81fcb6aecc4e6752395
4967d03fb66f41ab7a7bef6265dbc532e549d91805ff654f1656bc790b6dcff2
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
4de535e21fcc7ed59a24376caec397ec98bb8a170656f40034811e0ed9bbf738
4e77140b8c972fbef43ae7e06485040f0a70246532739e98a8277bc2373f7146
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
535edbf8f46eb2a14ff21a4806bdc5e7c34b94e4986fb1b9d2e34a91c5c80827
56b5a5d8fe5b54d0dae838fa7c6c97def4e23787cbbadea45cab15c94ae3264a
578cfa2653e37fa6d738bf5fb6154b629597df0aac751646473e4fbc3f7ca744
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
597e196bad54cb188ed7745af600a1ebdc56667f4757ddab2f2efa0bbab7b55d
5bcc0598befecb299a8bec3e126e2772290d056fcf68e7e192b7d610247cd0a3
5defe440039097d869dcc438d41487a045c28b9695c9220caa16a2e7009902fb
5ed2c77a12d6be1eb2ca8462376dc9bc53fb4fae1585b1c83aa039c430c7db55
60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac
64c0f386e23546b11ab28e437684f0ea24cd9e538978c492d8afcb6af9444bc4
65061cb72b3ac17a45d013375cc3a562f58a9359e322f0fc6e0314d1458b6be1
679c120eb9d79cdeff370642128f691808c340d75f240c63a45313a2711aa71e
67b99ed0a00a9980728c48dfaa3e36f69a76f2966c3ecb4afc57878aa79d8e98
68382e178940abb38a2292d45ab9353520429bdee730070cf01c31341f206dcf
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75328623300d84bcb66d60f7458cd10cba5f07122e9b1c24a4c1dc8466af0851
7864dec00a861bce0d6aacaebc427306f00047270cbcb7a7cadb10e6b43eb444
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
8277046b4728151496f534a8ff54ea92aacacafe874e71ff403d4c698c4bfb1a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
8cad642d5009d9f538c20ce327532bea1a130c019fae995d6d37da325626347d
8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856
8eee3a6be61979cc46f626f7d79a0ee490a025dbef0d923da6a946ed27e231b2
93cb16ef79a563db85c96612f655f1068af4791a2cfbd7775532037d38e72e2d
94308b25a82c6c94b07808115e379e4f4151bde0c44100015cda9cb1c5cdb0e7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b918da624a9f1ac4937338123b488a87f744194a17d9bb5bffa039a2b3fbe2d
9e01cd9d5c99f2550fff5002f1b7fcc1402aa88b84f471214b032a7cde0f42b2
9ef5ebba3888de791beb4d7ac5614664381af2b8f75570b125c16d6d622ef5d8
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a5e0dc39f19e2f5c035766778759fd1d349c90208c66607b506aad592fbebac2
a7fcb8d67ebde90b461152d3446e816f072202a816394cac5bcd768e745ef0e2
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2
b364e06239be7ab49c269bb58c15cee38deeaf5b4c032f3bae5b652c4aa497bc
b8ae3c6e8675e65c233a1426914f58a96bc3a5900f36b85689d9a0155942cf16
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388
c20cbbda8d0876c0ec5743020ebe05acb7d207b517768e2d102742ffe1bda4e2
c3de201eaab78b314512dcb695b7dde49e6e0938387331f56109449795a66f06
c3e9274b133413c69a306619ae2cbd78c137d82017ccb0f72b4e64653b689a04
ca5327697815bc7ac6c0073c5b4fbf2f260954bd1a9d5d48d13d5839e918c4bb
ca8396fc329ad8381d48ca97e0d132e89928b56c18bc0ecd670657c4d63501e4
ce8caa1e0c819366876622260f35894f2e893f1ab406ab801d59ff07bd09cc55
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
cfe0a4e83927b1dbabba7682082338520b9a150ce2c51ae2298638bc52ed3deb
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
d0e369c8ddf204cd59396e1f15945d6f892d43091bf559a5df8a724756e6c50e
d325a923a16286d29f35ded6d128f822899f617cf400601956b8f9d5edcda413
da8673eca8689c04c0f2d5415ec08b7f877d2b06311512f25692e75ff24d1fb1
e01a44849121561b1849048879e056fbe612132e104edbabef256aaa926c6dde
e38c283cf693ccc86f81942e7cae20849f0cfd639bfd5e7362677d91e8f0d4b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e078b242c478fb2a0d2e8d1b21dabc9cf8ab15a33d82a8b18a81570ecde26
e57f5d34086e3fd304b9e9303033020d7d2e0965e1ef36e5659bb96a20fdfbcb
e60e3b9a4b291934fd0d909ae83a03364c5d514255934ea060211b2d11b949f1
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006d9bc740395b50e860b9b0233e701b7ef3567168e41b6e592046b9e326b98
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f2e39668a20d08f09afdc26d253f407b640ef7456a89cfd163015066d871fcc8
f78a10cfffe095c1c649948bdc73c4fcb44f54d7648c592b814090a9ce8afce8
f88c0bc0ddfdece9c93b11d632c0ba270fb3350aaa6b9c86e42e715592fe664f
fad32328a0e104c32e5f61eafb03e0518eded7af80a321ff9eae78250cabf83a
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd220ed35b72aa7713de3e7ba9cf988681531888e86d4a4d0b585def878cab32

www.scmagazine.com Open in urlscan Pro 54.86.31.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

198 Requests

100 %HTTPS

60 %IPv6

26 Domains

39 Subdomains

38 IPs

4 Countries

7608 kBTransfer

9692 kBSize

2 Cookies

17 Outgoing links

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.scmagazine.com Open in urlscan Pro
54.86.31.50 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

100 %
HTTPS

60 %
IPv6

26
Domains

39
Subdomains

38
IPs

4
Countries

7608 kB
Transfer

9692 kB
Size

2
Cookies

198 HTTP transactions
3 data transactions