www.mcafee.com Open in urlscan Pro
64.12.16.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Effective URL:
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Submission: On October 10 via manual (October 10th 2022, 3:03:45 pm UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 34 domains to perform 197 HTTP transactions. The main IP is 64.12.16.2, located in United States and belongs to EDGECAST, US. The main domain is www.mcafee.com.
TLS certificate: Issued by McAfee OV SSL CA 2 on August 5th 2022. Valid for: a year.

This is the only time www.mcafee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	161.69.25.99 161.69.25.99	7754 (MCAFEE) (MCAFEE)
1 58	64.12.16.2 64.12.16.2	15133 (EDGECAST) (EDGECAST)
4	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:592::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 10	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.30.140.233 52.30.140.233	16509 (AMAZON-02) (AMAZON-02)
2	52.201.98.245 52.201.98.245	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.78.88 13.225.78.88	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:91d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
4	52.44.206.121 52.44.206.121	14618 (AMAZON-AES) (AMAZON-AES)
2	104.208.16.0 104.208.16.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	34.254.43.202 34.254.43.202	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:f600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:a400:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.30.136.248 52.30.136.248	16509 (AMAZON-02) (AMAZON-02)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.251.26.3 34.251.26.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	13.225.84.53 13.225.84.53	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
197	39

1 161.69.25.99 (Plano, United States) 1 redirects

ASN7754 (MCAFEE, US)

blogs.mcafee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 64.12.16.2 (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.mcafee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:592::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-233.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.98.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-98-245.compute-1.amazonaws.com

api2932.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-88.fra2.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:91d9 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.206.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-206-121.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.208.16.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cu1pehnsweb01.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.43.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-43-202.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a400:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.136.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

mcafeeinc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.mcafee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.26.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-53.fra2.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	mcafee.com 2 redirects blogs.mcafee.com www.mcafee.com smetrics.mcafee.com	1 MB
17	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 ad.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	17 KB
16	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136	2 KB
15	google.de www.google.de — Cisco Umbrella Rank: 3460	1 KB
14	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1132	109 KB
10	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 115	684 B
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	345 KB
6	gstatic.com fonts.gstatic.com	48 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	363 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 479	118 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4818	7 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	60 KB
4	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 5408	61 KB
3	d41.co api2932.d41.co cdn-0.d41.co — Cisco Umbrella Rank: 44176	76 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 293 mcafeeinc.demdex.net — Cisco Umbrella Rank: 262325	5 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	110 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1449 pixel.quantserve.com — Cisco Umbrella Rank: 683	11 KB
2	windows.net cu1pehnsweb01.servicebus.windows.net — Cisco Umbrella Rank: 181068	309 B
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 36316 apt.techtarget.com — Cisco Umbrella Rank: 47899	2 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	511 B
2	t.co t.co — Cisco Umbrella Rank: 550	493 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	32 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	cloudfront.net d6tizftlrpuof.cloudfront.net	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1620	517 B
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1356	548 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1200	2 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4471	26 KB
1	mdhv.io jelly.mdhv.io — Cisco Umbrella Rank: 10019	235 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
197	34

	Domain	Requested by
58	www.mcafee.com	1 redirects www.mcafee.com
15	www.google.de	www.mcafee.com
15	www.google.com	www.mcafee.com
14	tags.tiqcdn.com	www.mcafee.com tags.tiqcdn.com
14	googleads.g.doubleclick.net	www.googleadservices.com
10	www.facebook.com	1 redirects www.mcafee.com
7	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com tags.tiqcdn.com
6	fonts.gstatic.com	fonts.googleapis.com
5	connect.facebook.net	www.mcafee.com connect.facebook.net
5	assets.adobedtm.com	www.mcafee.com assets.adobedtm.com
4	tags.srv.stackadapt.com	tags.tiqcdn.com tags.srv.stackadapt.com
4	cdn.jsdelivr.net	www.mcafee.com
4	static.addtoany.com	www.mcafee.com static.addtoany.com
3	smetrics.mcafee.com	assets.adobedtm.com
3	cdnjs.cloudflare.com	www.mcafee.com cdnjs.cloudflare.com
2	ad.doubleclick.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cu1pehnsweb01.servicebus.windows.net	tags.tiqcdn.com
2	api2932.d41.co	assets.adobedtm.com cdn-0.d41.co
2	dpm.demdex.net	assets.adobedtm.com www.mcafee.com
2	px.ads.linkedin.com	2 redirects
2	analytics.twitter.com	www.mcafee.com
2	t.co	www.mcafee.com
2	www.googleadservices.com	www.mcafee.com www.googletagmanager.com
1	idsync.rlcdn.com
1	d6tizftlrpuof.cloudfront.net	www.mcafee.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	mcafeeinc.demdex.net	assets.adobedtm.com
1	pxl.qccerttest.com	www.mcafee.com
1	adservice.google.com	www.mcafee.com
1	pixel.quantserve.com	www.mcafee.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	tags.tiqcdn.com
1	w.usabilla.com	www.mcafee.com
1	jelly.mdhv.io	www.mcafee.com
1	apt.techtarget.com	www.mcafee.com
1	trk.techtarget.com	www.mcafee.com
1	cdn-0.d41.co	assets.adobedtm.com
1	px4.ads.linkedin.com	www.mcafee.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	www.mcafee.com
1	snap.licdn.com	www.mcafee.com
1	fonts.googleapis.com	www.mcafee.com
1	blogs.mcafee.com	1 redirects
197	45

This site contains links to these domains. Also see Links.

Domain
careers.mcafee.com
ir.mcafee.com
service.mcafee.com
forums.mcafee.com
home.mcafee.com
techmaster.mcafee.com
securingtomorrow.mcafee.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.addtoany.com

Subject Issuer	Validity	Valid
www.mcafee.com McAfee OV SSL CA 2	`2022-08-05` - `2023-08-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-19` - `2022-10-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-03-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 05	`2022-07-11` - `2023-07-06`	a year	crt.sh
jelly.mdhv.io GTS CA 1D4	`2022-09-30` - `2022-12-29`	3 months	crt.sh
w.usabilla.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
smetrics.mcafee.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Frame ID: 12F8D33644C9A670CA4369D20ACD2F5C
Requests: 187 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: F69461B0B976E8CE68C583F4A4055D54
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/1eb8bd09b246.js?lv=1
Frame ID: 11FD0B6EF1222C17B4E42F4F710C8CBE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8A434D8EA1ED98DAC166CE15F5A9216E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E8F9069FFE3B5CD89E0D292BF550A81
Requests: 1 HTTP requests in this frame

Frame: https://mcafeeinc.demdex.net/dest5.html?d_nsid=0
Frame ID: ABC41E399D0CCD5BDDA3B98AC59D1F49
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 303F1B2FE4D3559734BCDA172E9EBEB9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8BBBD2F7BD02097F750251966C451B67
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/mcafee-consumer-button-1944989b2cb625c962c6ef510fb08a96.png
Frame ID: 608405C2A9AE82E8A7402C64384B6328
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meet 'Tox': Ransomware for the Rest of Us | McAfee Blog

Page URL History Show full URLs

https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us HTTP 301
https://www.mcafee.com/blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us HTTP 301
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

197
Requests

98 %
HTTPS

49 %
IPv6

34
Domains

45
Subdomains

39
IPs

5
Countries

2911 kB
Transfer

6309 kB
Size

48
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.mcafee.com/
Title: Search Job Openings

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/life-at-mcafee
Title: Life at McAfee

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/our-teams
Title: Our Teams

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/our-locations
Title: Our Locations

Search URL Search Domain Scan URL

URL: https://ir.mcafee.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://service.mcafee.com/
Title: Consumer Support

Search URL Search Domain Scan URL

URL: https://forums.mcafee.com/
Title: Support Community

Search URL Search Domain Scan URL

URL: https://home.mcafee.com/Secure/MyAccount/DashBoard.aspx?culture=en-us
Title: Login

Search URL Search Domain Scan URL

URL: https://techmaster.mcafee.com/Subscription
Title: TechMaster Concierge

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/toxlogo

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox2_2

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox2_1

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox_config_screen1

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox_download_virus_file

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox_client_exe_1

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox_client_encrypting

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/tox_client_encrypt_message_1

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/pe_sections-jpg

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us/attachment/cc_send-jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mcafee

Search URL Search Domain Scan URL

URL: https://twitter.com/mcafee

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mcafee

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mcafee

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mcafee

Search URL Search Domain Scan URL

URL: https://twitter.com/mcafee_home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/McAfee/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mcafee/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mcafee4consumers

Search URL Search Domain Scan URL

URL: https://techmaster.mcafee.com/subscription
Title: McAfee® Techmaster Concierge

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us HTTP 301
https://www.mcafee.com/blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us HTTP 301
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D68395%26time%3D1665414219353%26url%3Dhttps%253A%252F%252Fwww.mcafee.com%252Fblogs%252Fother-blogs%252Fmcafee-labs%252Fmeet-tox-ransomware-for-the-rest-of-us%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=true&e_ipv6=AQIFF0oxSU8U2gAAAYPCbEfOAH3utpHzh0mEo7YV8AWTj9wU-pIcX1l0LoLuzDybLQBKUYJyDxrUeTs4R4eFfOlZXXFj

Request Chain 84

https://www.facebook.com/tr/?id=448732493334171&ev=PageView&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=1665414219396&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665414219394.1718698263&it=1665414219236&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&ec=0&ev=PageView&fbp=fb.1.1665414219394.1718698263&id=448732493334171&if=false&it=1665414219236&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1665414219396&v=2.9.84

Request Chain 142

https://ad.doubleclick.net/activity;src=5471927;type=;cat=;gtm=2oda50;auiddc=1174185438.1665414220;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=1174185438.1665414220;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=*;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us

Request Chain 158

https://cm.everesttech.net/cm/dd?d_uuid=75450410271991590300542121439103635641 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0Q0TAAAAEdp0wOY

197 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request meet-tox-ransomware-for-the-rest-of-us Show response
www.mcafee.com/blogs/other-blogs/mcafee-labs/
Redirect Chain

https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
https://www.mcafee.com/blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

152 KB
25 KB

587ms
587ms

Document
text/html

64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAA) / PHP/8.1.8

Resource Hash

fbf8bdaf628a1b8270b0cb16c7d6fde31e6caa75b42e74ac78ce5d4f29003a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26220
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 10 Oct 2022 07:46:38 GMT
expires: Mon, 07 Nov 2022 12:52:37 GMT
link: <https://www.mcafee.com/blogs/wp-json/>; rel="https://api.w.org/" <https://www.mcafee.com/blogs/wp-json/wp/v2/posts/43499>; rel="alternate"; type="application/json" <https://www.mcafee.com/blogs/?p=43499>; rel=shortlink
server: ECAcc (frc/4CAA)
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=573
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding, user-agent
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-0-cache-hash: 8919b930d1f827d555fbea90e04f9358162becdeba269abd38cecf7b8e23a0bb
x-0-caching-status: no-max-age
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-surrogate-key
x-0-t: eh=538,ek=537,ect=534,ecc=miss,edt=530,edd=0,edf=529,dgpop=fll,gh=17,gct=15,gcc=miss,gdt=11,gdd=0,gdf=9
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-amz-cf-id: MYLZACoHpQFDD0TofZJ2PISuOhCN5KEFu7jO01UlaxPLGaIJiq84Iw==
x-amz-cf-pop: MIA3-P3
x-cache: Hit from cloudfront
x-cache-key: 8919b930d1f827d555fbea90e04f9358162becdeba269abd38cecf7b8e23a0bb
x-matched-routes: 5,83
x-powered-by: PHP/8.1.8
x-request-id: 104598687719781910718090639572879894716

Redirect headers

age: 0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 10 Oct 2022 15:03:38 GMT
expires: Mon, 07 Nov 2022 12:52:37 GMT
ie-location-2: /blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
location: /blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
server: ECAcc (frc/4CAA)
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=1525
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding, user-agent
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-0-cache-hash: b6891302931b1b9e0e81f82d1b67d08d22bea50393b68f1e469da029cce3e3ce
x-0-caching-status: no-max-age
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-0-status: s=301,eh=301,ek=301,ed=301,gh=301,gd=301
x-0-surrogate-key
x-0-t: eh=1489,ek=1487,ect=1484,ecc=miss,edt=1482,edd=0,edf=1482,dgpop=fll,gh=966,gct=964,gcc=miss,gdt=959,gdd=3,gdf=955
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-amz-cf-id: Y5jhCruxTpKj4EXeJ7oupzGWlLT3zbgyxc3R9U8ECdGpwMngAc9Shg==
x-amz-cf-pop: MIA3-P3
x-cache: Miss from cloudfront
x-cache-key: b6891302931b1b9e0e81f82d1b67d08d22bea50393b68f1e469da029cce3e3ce
x-matched-routes: 5,83
x-powered-by: PHP/8.1.8
x-redirect-by: redirection
x-request-id: 848165155539171521310798189633931674349

GET
H2 200 main.min.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/ 78 KB
14 KB 63ms
59ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/main.min.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D09) /

Resource Hash

b63f011bf81f6548e73fe3c4f2edf35d97ca29054a35969373953a4ba382d782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 39d0fe4a2911b270f061d8710021a9e8d6d0593efb418fa127aeb51d0eb8dedc
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=45
content-length: 14247
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 113854723823956965646750659019991816381
x-0-t: eh=6,ek=5,ect=3,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4D09)
etag: W/"13862-5e4368f2cd440"
x-0-cache-hash: 39d0fe4a2911b270f061d8710021a9e8d6d0593efb418fa127aeb51d0eb8dedc
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: nBvs2q_bItEuG75bYd1aFD9Kw2uVLVbII5vM9H-NYE_LOSvm3VrcSQ==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 style.min.css
www.mcafee.com/blogs/wp-includes/css/dist/block-library/ 81 KB
11 KB 61ms
56ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB5) /

Resource Hash

74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:28:56 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 2082
x-amz-cf-pop: MIA3-P3
x-cache-key: 4b0ac9ca6535e22b13bb5f4e362f06588c838f1dfca94bccbe86c3bbb3e8b9d4
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=42
content-length: 10509
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 9815195218942366842303389932085056388
x-0-t: eh=5,ek=3,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:46 GMT
server: ECAcc (frc/4CB5)
etag: W/"145a9-5e4368f3c1680"
x-0-cache-hash: 4b0ac9ca6535e22b13bb5f4e362f06588c838f1dfca94bccbe86c3bbb3e8b9d4
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: NKcSxZqEv4AVOkxweyWrLlkXlr4-WDQA9-1F0eTutrYsUGRn59VCxQ==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 blocks.style.build.css
www.mcafee.com/blogs/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 69ms
64ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 55f3d0deb9a1f4ce0e2d8256535866af32fcd342c9237f77d0fe326e93aa8fe9
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=50
content-length: 2791
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 5684805192063346704144851362195809833
x-0-t: eh=5,ek=4,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CE6)
etag: W/"6c70-5e4368f2cd440"
x-0-cache-hash: 55f3d0deb9a1f4ce0e2d8256535866af32fcd342c9237f77d0fe326e93aa8fe9
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: sfkHMuoo389cr5NAAoEWshlJZzdD6A_SLqHmEj_iIjZ60fP4NprVCA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 style.min.css
www.mcafee.com/blogs/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 2 KB
880 B 36ms
31ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/style.min.css?ver=1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8C) /

Resource Hash

c85b89d6b7d92272f7fb5946e61282a75b946883176c9ff73eac557dde75c724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267024
x-amz-cf-pop: MIA3-P3
x-cache-key: af5d72823e99785b671bf0b4fd33ecce43ab47ca1f0053b07e647e8b509d5d20
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=17
content-length: 402
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 42981309191932914673602175234789190089
x-0-t: eh=4,ek=3,ect=0,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:46 GMT
server: ECAcc (frc/4C8C)
etag: W/"671-5e4368f3c1680"
x-0-cache-hash: af5d72823e99785b671bf0b4fd33ecce43ab47ca1f0053b07e647e8b509d5d20
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: g3DuzX-I0mWuu2c-TSiW6yIdaSJ-Z11lgC4YrgBxUpB-L_oeH0fh3w==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 style.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/ 28 KB
6 KB 61ms
57ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/style.css?ver=5.9.1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF6) /

Resource Hash

2433290762f14878390667a857add6770254f0ce19676e8d790eeddfe16b082f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:28:56 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 2082
x-amz-cf-pop: MIA3-P3
x-cache-key: 821ea93f505be50750e863e41f2427c37b57204c6bdc362eceb0bc7405223630
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=42
content-length: 5467
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 116811522422200545412899451584970308676
x-0-t: eh=4,ek=3,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CF6)
etag: W/"71bf-5e4368f2cd440"
x-0-cache-hash: 821ea93f505be50750e863e41f2427c37b57204c6bdc362eceb0bc7405223630
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: A3w552WnTBz0mtowcrH6W-jH50YsqxdExnONwlRpfJTvYL5QvZkLiw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 addtoany.min.css
www.mcafee.com/blogs/wp-content/plugins/add-to-any/ 1 KB
795 B 60ms
55ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD7) /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:35:27 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 1691
x-amz-cf-pop: MIA3-P3
x-cache-key: fcb563ec378dd3a1e44651120c2643c4d089d037c14351510551925804e32fef
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=40
content-length: 405
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 966459197194458261412738238523769361627
x-0-t: eh=6,ek=4,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CD7)
etag: W/"5ef-5e4368f2cd440"
x-0-cache-hash: fcb563ec378dd3a1e44651120c2643c4d089d037c14351510551925804e32fef
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: _axXH2EVwL6VWmLgMNh6cOOj_AMYxBsUpM-kut9S4gaBQEv1ntFNDA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
www.mcafee.com/blogs/wp-content/plugins/jquery-updater/js/ 87 KB
30 KB 72ms
68ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/jquery-updater/js/jquery-3.6.0.min.js?ver=3.6.0

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C99) /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 13ab2e9c20a5f2d0e3edec45e615a675680114ef3338afdfbd5762dd0ad441f9
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=37
content-length: 30362
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 795035734872208493611660242109080528165
x-0-t: eh=4,ek=3,ect=0,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4C99)
etag: W/"15d9d-5e4368f2cd440"
x-0-cache-hash: 13ab2e9c20a5f2d0e3edec45e615a675680114ef3338afdfbd5762dd0ad441f9
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: Y2olTMGnRguH0fNpOqEpQlhnmZdgfM_-eyHaB1qw6RK_hqAjee3TxA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
www.mcafee.com/blogs/wp-content/plugins/jquery-updater/js/ 11 KB
4 KB 78ms
74ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/jquery-updater/js/jquery-migrate-3.3.2.min.js?ver=3.3.2

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

f7e248392cea6eed6651423f5b9a4adafec5b15921a2f16ec54e1012be0aaee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:35:20 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 1697
x-amz-cf-pop: MIA3-P3
x-cache-key: e12d8d6d320433ac10bc292ee4ef1b00a7c113ab291b8e5e2c1363583d8ee702
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=43
content-length: 4027
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 167181767915324291457412098856997756686
x-0-t: eh=6,ek=4,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CD8)
etag: W/"2bd8-5e4368f2cd440"
x-0-cache-hash: e12d8d6d320433ac10bc292ee4ef1b00a7c113ab291b8e5e2c1363583d8ee702
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: P_l3jl0iNP8yGlmCei2b9eML4FTvpgMYukG3Syg3pn3oGz-hxpS-lw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 114ms
64ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b964f75cb8c613e484743bf4daaac6efc65c74156fca95cd76ca15d742555d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 143765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Sep 2022 00:56:47 GMT
server: cloudflare
etag: W/"ba7-5e7bb5238fa5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 75803e756b0e6993-FRA

GET
H2 200 addtoany.min.js Show response
www.mcafee.com/blogs/wp-content/plugins/add-to-any/ 129 B
558 B 70ms
62ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFD) /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:15 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 9268c9b51ef08b7a763596785580f868e903e2d61f175dae512c894e90f99e84
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=46
content-length: 126
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 429361875454924611811722802939296778191
x-0-t: eh=7,ek=6,ect=2,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CFD)
etag: W/"81-5e4368f2cd440"
x-0-cache-hash: 9268c9b51ef08b7a763596785580f868e903e2d61f175dae512c894e90f99e84
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: zsK-wJqjzeebVCgBo6KZZLk4kwatX9kBV6f8aqj700LsZyjzQ3UsNg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 script.min.js Show response
www.mcafee.com/blogs/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 925 B
1 KB 74ms
71ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.min.js?ver=1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C95) /

Resource Hash

656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 767fe2f537554c4341f69c60dd154e6f01830c2cdb6882a58bf96005647f6b3f
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=40
content-length: 418
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 227247159937905520813185121323335535716
x-0-t: eh=7,ek=5,ect=2,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:46 GMT
server: ECAcc (frc/4C95)
etag: W/"39d-5e4368f3c1680"
x-0-cache-hash: 767fe2f537554c4341f69c60dd154e6f01830c2cdb6882a58bf96005647f6b3f
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: XqEwzSWeyTyyt61b10HrmzV9Jm1BJPcGAdl2clJ8L5qRNenwBgjN3A==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 blog.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/ 20 KB
5 KB 64ms
61ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/blog.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD6) /

Resource Hash

85f9a306434e8ed7d91e8ee0ee03ca08c58d61b4d41511b51d6e8ee243a3f2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: b551eb1f4685b98bb26b508c7dc4eb89d80e182e88e7e0a6f78914c7d40ac014
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=45
content-length: 4581
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 121239682995819049237678504707732676722
x-0-t: eh=8,ek=7,ect=3,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CD6)
etag: W/"4ffa-5e4368f2cd440"
x-0-cache-hash: b551eb1f4685b98bb26b508c7dc4eb89d80e182e88e7e0a6f78914c7d40ac014
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: zdpYPJ2_puPGF77vPl2TQKnrnTZlV3LsTumVj6DoZp1q6z64n0gpmg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 158 KB
25 KB 80ms
33ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12445945
x-jsd-version: 4.6.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19174-FRA, cache-itm18824-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dfIDvhjfomAJzvwIzy%2Fq7XqUCU4khcWSDtxwE7Au4lHuTTBGLsSypV%2BqpDuJJMlZIzYPuaSa6kp5wsSwLwAMs30%2B2p9viwwohcvJcfHdN70pNqUj8Ek8xLj2lTrr7UWahPEzn97wv%2FwGD7kON0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75803e74ab8abb97-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 69ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 415619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ1iAQ9M1y4kpTUUXFH%2BKHgO5%2B81fjXLq%2F0Qbgc343pMo%2BpIvrnaoe4Rr11QuX746%2F%2Bt1xeHmshv3fadNHNefn3W8GTGpyAqL68ykWwRMMqAdHZdki2MFKWoXo1cRt2edXybtskysUI0fTFUwy5QD7%2BL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75803e74ad5a9191-FRA
expires: Sat, 30 Sep 2023 15:03:38 GMT

GET
H2 200 static_nav.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/ 53 KB
8 KB 57ms
54ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/static_nav.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB6) /

Resource Hash

218d05d13fe4ec02c43381f56d55867da02dbb5ed32c417c2584a44fbbfc8c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 6dc897a7a800cfcc0e8820b110d7c51865009f26491b6dbaf3c68719a5ba142c
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=37
content-length: 7815
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 29010974588494019026198530489482934226
x-0-t: eh=6,ek=4,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CB6)
etag: W/"d5f2-5e4368f2cd440"
x-0-cache-hash: 6dc897a7a800cfcc0e8820b110d7c51865009f26491b6dbaf3c68719a5ba142c
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: hrk_FK5bNHBM-29nenueRWiiUudwKsLtf4mIN7CnJMtN0VXjRWtU8g==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 static_footer.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/ 18 KB
3 KB 62ms
60ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/static_footer.css

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAF) /

Resource Hash

7c48971a72486c60216251e89061d7c2b8b03fa57551e0a6be0b7f0f9ab6254c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267024
x-amz-cf-pop: MIA3-P3
x-cache-key: 3947644c55c347393c336d8b5baf0620dfb6fbe3326a6b3d0c82b16bb597abdc
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=41
content-length: 2663
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 518546380614048519111705640046423436920
x-0-t: eh=5,ek=3,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CAF)
etag: W/"4776-5e4368f2cd440"
x-0-cache-hash: 3947644c55c347393c336d8b5baf0620dfb6fbe3326a6b3d0c82b16bb597abdc
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: pIAHdER7GIBE-D4TlONTi_uFTZCAYSRn5wBz8LgRZcS5u8VIn3wyWw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 86ms
40ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css?ver=5.6.3

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17559716
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhdpwyUdb1ryTtOYSeV%2BPoGb4EoDLa6QERqligsa63%2Bnl9e5qO2G16yGHOJJYlE9flrzIxctlRriZ8y4LrS1t6dvXM%2FZZaS0QGFgaHNK2iKVFn6pwAjjKsiG8Vg5hJkTv8%2FLyrTmzdkUX4DyJh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75803e74af37bbcb-FRA

GET
H2 200 newtheme-style.css
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/ 80 KB
13 KB 71ms
69ms Stylesheet
text/css 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/newtheme-style.css?ver=5.6.8

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCD) /

Resource Hash

678e4443e87259063b8fd75aadfe00332e64993b3829693fd69f6b190321042f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:14 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 69d2f03fcedade106cd8631cd4300e178832588204b872cc97ecf7006bc864b1
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=47
content-length: 13173
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 10818154765580675323901789090891951431
x-0-t: eh=4,ek=3,ect=0,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CCD)
etag: W/"1405e-5e4368f2cd440"
x-0-cache-hash: 69d2f03fcedade106cd8631cd4300e178832588204b872cc97ecf7006bc864b1
vary: accept-encoding, user-agent
content-type: text/css
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: F57ihwZmnq4Fz24WH__0nj4Df8gHmdes_ZV7KvSRkSmfwMWA5en81A==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 McAfeeHzRed.svg
www.mcafee.com/content/dam/consumer/en/company-logo/ 3 KB
2 KB 64ms
56ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/content/dam/consumer/en/company-logo/McAfeeHzRed.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC4) /

Resource Hash

8474952f856a73d936c67fc73c4b330547430caec755cab2ee773a626ec03988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://pam.mcafee.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://pam.mcafee.com
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
date: Mon, 10 Oct 2022 14:28:32 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2106
x-cache-key: c498e39ad161d049fa78533cbd376e2f39aa5a0c0e7bf65be3516437522e4c9a
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%28.%2A%29.%28jpg%7Cjpeg%7Cpng%7Cgif%7Csvg%7Cico%7Cwebp%7Cimviewer%7Cmp4%7Cttf%7Cotf%7Cwoff%7Cwoff2%29%22%7D",edge;dur=41
content-length: 1261
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=origin
x-request-id: 167027278926573472456468150025736999355
x-0-t: eh=7,ek=3,ect=0,ecc=hit
last-modified: Wed, 28 Sep 2022 11:23:00 GMT
server: ECAcc (frc/4CC4)
etag: W/"b88-5e9bafbbd3527"
x-0-cache-hash: c498e39ad161d049fa78533cbd376e2f39aa5a0c0e7bf65be3516437522e4c9a
vary: accept-encoding, user-agent
x-frame-options: DENY
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, max-age=2592000
x-matched-routes: 5,91
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-mcafee-cache: 365-days
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 chevron-up-black.svg
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 265 B
714 B 616ms
608ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/chevron-up-black.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD6) /

Resource Hash

9dee9f7724ca98ec632aadeee67d695806122f2ceae9b874dbc47f4535345ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:00 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 16539
x-amz-cf-pop: MIA3-P3
x-cache-key: 3b16fdb3a9e544e1edfa4ab076cc3a194a64a2b910fd0e765ef35cb7ef37075b
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=593
content-length: 207
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 113304852699257265299203798054534373469
x-0-t: eh=563,ek=561,ect=558,ecc=pass,edt=554,edd=0,edf=553,dgpop=fll,gh=42,gct=40,gcc=pass,gdt=36,gdd=0,gdf=35
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CD6)
etag: W/"109-5e4368f2cd440"
x-0-cache-hash: 3b16fdb3a9e544e1edfa4ab076cc3a194a64a2b910fd0e765ef35cb7ef37075b
vary: accept-encoding, user-agent
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: X8vYiT7fAFMB0ZjLacn6OMOcFYu5PuQdNzu3z1bkY1PorXv4Cb2mSQ==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 search_icon_black.svg
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
1 KB 633ms
625ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/search_icon_black.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFE) /

Resource Hash

0c5d12f7f623ddaea002928a5e8aa1126cccf4cb80b58a4ed180d675a339efcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:00 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 16539
x-amz-cf-pop: MIA3-P3
x-cache-key: 8839d7f55d363f568653a918854d1deeadc6ae3eb14844cdda91c9cafc3cc5d1
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=610
content-length: 615
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 131021544604479979415134440807163642350
x-0-t: eh=575,ek=573,ect=570,ecc=pass,edt=566,edd=0,edf=565,dgpop=fll,gh=49,gct=48,gcc=pass,gdt=45,gdd=0,gdf=43
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CFE)
etag: W/"4be-5e4368f2cd440"
x-0-cache-hash: 8839d7f55d363f568653a918854d1deeadc6ae3eb14844cdda91c9cafc3cc5d1
vary: accept-encoding, user-agent
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 9EZLaaipot7zeDYV8uHjNbjTP3w6UNPkOIBRozE5236IXvt_kjdYDA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 cross-grey-icon.svg
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 447 B
877 B 625ms
618ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/cross-grey-icon.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF1) /

Resource Hash

75b43df6930d03341e76a75dcd100473926121ac0e707825a0e73e5666d7ff97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:00 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 16539
x-amz-cf-pop: MIA3-P3
x-cache-key: 8adffbbfd18012da6430013c06cf67ad18ab61207cd7df7433019268464a9292
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=602
content-length: 260
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 816272781076025933813809048772895214575
x-0-t: eh=569,ek=567,ect=564,ecc=pass,edt=558,edd=0,edf=558,dgpop=fll,gh=42,gct=41,gcc=pass,gdt=37,gdd=0,gdf=35
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CF1)
etag: W/"1bf-5e4368f2cd440"
x-0-cache-hash: 8adffbbfd18012da6430013c06cf67ad18ab61207cd7df7433019268464a9292
vary: accept-encoding, user-agent
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: X6O8CV8yHfAsGjr3FwyaH7IlIACz3r7lxttmk9iFMCXaeE52mDKdHw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 globe-icon.svg
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
1 KB 704ms
696ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/globe-icon.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB2) /

Resource Hash

76e492344b7da6c17b6cfb90fd603bce68e20de9f1d2751d93eef85ee0137d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:00 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 16539
x-amz-cf-pop: MIA3-P3
x-cache-key: 5a660c1c089242e85cb03d8e7bf4f1620f4352fc5fe7a1f931405fb3b18f0be5
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=680
content-length: 521
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 89951800424980562376646861449826286197
x-0-t: eh=647,ek=645,ect=642,ecc=pass,edt=639,edd=0,edf=638,dgpop=fll,gh=122,gct=121,gcc=pass,gdt=117,gdd=1,gdf=115
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CB2)
etag: W/"43f-5e4368f2cd440"
x-0-cache-hash: 5a660c1c089242e85cb03d8e7bf4f1620f4352fc5fe7a1f931405fb3b18f0be5
vary: accept-encoding, user-agent
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: vihIIpnGZ2EQjjWW-PO8ClJFERRGaALnVKNwR6OlomDd1SAEtFisOg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 IMAL_49924_ManCablesServers_72dpi.jpg
www.mcafee.com/blogs/wp-content/uploads/ 80 KB
80 KB 617ms
609ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/IMAL_49924_ManCablesServers_72dpi.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF4) /

Resource Hash

e1e5bc8d022de6eb901d993242b63168860635b238b3f255b39fb83a549b81ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 44150
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: ce147e6ab5e5e0b8f967966359057552a575c66bb10bb52a27639b96e50c4abc
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=592
content-length: 81410
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 102944517067437036069832508813955597245
x-0-t: eh=542,ek=539,ect=537,ecc=miss,edt=533,edd=0,edf=532,dgpop=fll,gh=17,gct=16,gcc=miss,gdt=11,gdd=0,gdf=10
last-modified: Sat, 30 Apr 2022 19:38:24 GMT
server: ECAcc (frc/4CF4)
etag: "244b0d10f31fafa565d4bfe7a2dfd795"
x-0-cache-hash: ce147e6ab5e5e0b8f967966359057552a575c66bb10bb52a27639b96e50c4abc
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: kezth-z0h1Yjfw14-JiQjlUP6VTsLOTS-PSMqan4r_Qd4VPC-UqDfA==
expires: Tue, 08 Nov 2022 13:24:15 GMT

GET
H2 200 facebook.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 626ms
618ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/facebook.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC9) /

Resource Hash

c47380f71c3bdb3ebf92f494d7a6b8c1525f1ce8331fdb50398c22f59eea3936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: 6c96a3d30e58393adfbded4d74a8c3a8fd03d099eafcd4b07e8be4f798682d8f
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=603
content-length: 1231
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 1716808651786432226413998999306552245088
x-0-t: eh=568,ek=566,ect=563,ecc=pass,edt=559,edd=0,edf=558,dgpop=fll,gh=41,gct=40,gcc=pass,gdt=36,gdd=0,gdf=34
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CC9)
etag: "4cf-5e4368f2cd440"
x-0-cache-hash: 6c96a3d30e58393adfbded4d74a8c3a8fd03d099eafcd4b07e8be4f798682d8f
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 1_UIrfaMSUDXtTbfyX08VHk1nAzipN3Xo9xvLQm2efCgBggUKgwgvQ==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 linkedin.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 615ms
608ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/linkedin.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA2) /

Resource Hash

82c52b937868d2d0afb2abccadf9b697f20c73c3c30ad9204dad4884878a7f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: 3d8df3c51dd75cb41d97f2140431dee84e5181151548b8e7f97f841dd0290c54
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=591
content-length: 1397
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 1606754397479016439110284218382803558869
x-0-t: eh=562,ek=560,ect=558,ecc=pass,edt=553,edd=0,edf=552,dgpop=fll,gh=41,gct=39,gcc=pass,gdt=36,gdd=1,gdf=34
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CA2)
etag: "575-5e4368f2cd440"
x-0-cache-hash: 3d8df3c51dd75cb41d97f2140431dee84e5181151548b8e7f97f841dd0290c54
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: MMibwd17td33lSgO0Qg1xGArfqSp4K3JN76nU5zl3KHCSdiQyfMM8w==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 twitter.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 706ms
699ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/twitter.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB3) /

Resource Hash

b08faf373c3f1c8247d01a6ac23353ae7a36a7bbf40d7591814920c11196bedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: 655ccf33da0014e27a26d9550d6ca886f516a83b817072354a697d493f547036
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=683
content-length: 1533
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 899006122984983196615804445104222812821
x-0-t: eh=642,ek=638,ect=635,ecc=pass,edt=633,edd=0,edf=632,dgpop=fll,gh=121,gct=120,gcc=pass,gdt=116,gdd=0,gdf=114
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CB3)
etag: "5fd-5e4368f2cd440"
x-0-cache-hash: 655ccf33da0014e27a26d9550d6ca886f516a83b817072354a697d493f547036
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 0JVGBHPyIN2n46jJE72bgVpvWnAGhg5E4dgVOFvUAKKCTqgJ56zWWg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 email.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 619ms
612ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/email.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE9) /

Resource Hash

2e8af6374a001a941e7eea578da32e139e8c9a659ffab78acd97fa160876efee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: 34c82404e3d37532dfee5d0111cc1e98b81ac88d8f4112c5bf08f3b3f109fa41
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=596
content-length: 1443
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 149843171583687426054879345444349526845
x-0-t: eh=563,ek=561,ect=558,ecc=pass,edt=555,edd=0,edf=554,dgpop=fll,gh=37,gct=36,gcc=pass,gdt=32,gdd=0,gdf=30
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CE9)
etag: "5a3-5e4368f2cd440"
x-0-cache-hash: 34c82404e3d37532dfee5d0111cc1e98b81ac88d8f4112c5bf08f3b3f109fa41
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: C5nf_Wyd6KaEtCHGdgj6swKj9JjADCXoDQ5HYVAgE0crpP8wRFnxyw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 link.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 886 B
1 KB 633ms
626ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/link.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CEE) /

Resource Hash

d051f3c16ae61275a06cdf30938b3492e1bc6d89b9e7d67e2d175cec4e44df8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: 43678687574089aa613c1a856ba7db82bd8bdde72fbca01d6257c881298fe83b
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=609
content-length: 886
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 115647408944618096312591792065668883453
x-0-t: eh=565,ek=562,ect=560,ecc=pass,edt=555,edd=0,edf=554,dgpop=fll,gh=41,gct=39,gcc=pass,gdt=34,gdd=0,gdf=33
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CEE)
etag: "376-5e4368f2cd440"
x-0-cache-hash: 43678687574089aa613c1a856ba7db82bd8bdde72fbca01d6257c881298fe83b
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: HEwpnceOIczUVAyHfcZo-tViwpzrg6nSzpdvHWqG4iKG7jz8s8UFQg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 rss-white.svg
www.mcafee.com/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 744 B
968 B 69ms
63ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/wp-content/themes/securingtomorrow-brillio/img/new-icons/rss-white.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF0) /

Resource Hash

003c5212fe084a97fd7fd753297fe409de81f1be36fa96caced384c844d3d361

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:15 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
age: 267023
x-cache-key: 16c38675f07e98363fdeb81beeeae6b8dc50186eaa884a2ae7734b4e055c389c
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fwp-content%28.%2A%29%22%7D",edge;dur=43
content-length: 385
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=enterpriseorigin
x-request-id: 184500330104827764317679241888371364657
x-0-t: eh=7,ek=5,ect=2,ecc=hit
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Aug 2021 11:05:19 GMT
server: ECAcc (frc/4CF0)
x-0-cache-hash: 16c38675f07e98363fdeb81beeeae6b8dc50186eaa884a2ae7734b4e055c389c
vary: accept-encoding, user-agent
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: max-age=2592000, public
x-matched-routes: 5,55
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 300x200_Blog_malliciouscookingstuffing-1-300x203.png
www.mcafee.com/blogs/wp-content/uploads/2022/08/ 81 KB
82 KB 67ms
60ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/08/300x200_Blog_malliciouscookingstuffing-1-300x203.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE9) /

Resource Hash

0d66fa6c68f151d974336b6ba4fbc234568f3c3fd9e17f23310f78ff9d983bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 16:27:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 340583
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 8be635f7ddff3dd3fd5230a49a95995e76cc6e59fb500ce7ed28011501825c8c
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=42
content-length: 83321
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 156027379906389438582584658377459512183
x-0-t: eh=4,ek=2,ect=0,ecc=hit
last-modified: Mon, 29 Aug 2022 21:38:10 GMT
server: ECAcc (frc/4CE9)
etag: "87e5c6ed3b2d97d455f7f4d90558503d"
x-0-cache-hash: 8be635f7ddff3dd3fd5230a49a95995e76cc6e59fb500ce7ed28011501825c8c
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: MFZylOvE3YAB9BKjFsYxJOKueyRpRy7JKJ-b1b2hc0Md6C07I4SkpA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 Cloud-300x162.jpeg
www.mcafee.com/blogs/wp-content/uploads/2021/11/ 9 KB
10 KB 213ms
207ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2021/11/Cloud-300x162.jpeg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC7) /

Resource Hash

49bb1710089118878b85269bc29493940781332955c32b2714f94aaf664dc818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 08:33:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 23394
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: e9da2ac2e731c66e9d1c05c08af7429b764d4ee25edfd7f20d4938b3e99793e3
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=188
content-length: 9350
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 16384286924826970057267005891903481105
x-0-t: eh=151,ek=149,ect=147,ecc=miss,edt=143,edd=0,edf=142,dgpop=fll,gh=15,gct=13,gcc=miss,gdt=9,gdd=0,gdf=7
last-modified: Wed, 27 Apr 2022 18:04:00 GMT
server: ECAcc (frc/4CC7)
etag: "fd8e38d8247fc8474d606ee43905ccf2"
x-0-cache-hash: e9da2ac2e731c66e9d1c05c08af7429b764d4ee25edfd7f20d4938b3e99793e3
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: gNVXtZC8ma_BJ93rTRwgXuSPW8ws6bNFKd1aYLkejn6jsK52v_0Dww==
expires: Tue, 08 Nov 2022 01:52:23 GMT

GET
H2 200 300x200_Blog_googleplay.png
www.mcafee.com/blogs/wp-content/uploads/2022/07/ 67 KB
67 KB 70ms
64ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/07/300x200_Blog_googleplay.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8C) /

Resource Hash

a982c540f8f384f11cce36732cc23b9f3e9bf9dbee0c854c663f99b27f035969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 16:27:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 340583
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 9957d64aadb7107a959a3fe4d2696a4e97d35498833e31d8cd761e7548275ba1
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=46
content-length: 68211
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 913916259249891646414684893998188536641
x-0-t: eh=5,ek=4,ect=0,ecc=hit
last-modified: Fri, 29 Jul 2022 03:16:10 GMT
server: ECAcc (frc/4C8C)
etag: "1d806467d4b5264c01768f3ef22ecafa"
x-0-cache-hash: 9957d64aadb7107a959a3fe4d2696a4e97d35498833e31d8cd761e7548275ba1
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: hboWA4PwFuCgjuWTc54rXFdZzPStkuMHCqet4ETkrzGH3B7d_J4Gog==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 300x200_Blog_LNK-Malware.png
www.mcafee.com/blogs/wp-content/uploads/2022/06/ 92 KB
92 KB 72ms
66ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/06/300x200_Blog_LNK-Malware.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D08) /

Resource Hash

c64a0dd00d685de6eb7d2053110e20e2515ec436f262e5d36896a03b390f917a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 16:27:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 340583
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 35c641750b559d9c0817a4d68fbb72e241076cb5bc3805a754b0b5f90a855260
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=38
content-length: 93753
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 87045718366479999218025545472390573308
x-0-t: eh=4,ek=3,ect=0,ecc=hit
last-modified: Tue, 21 Jun 2022 18:47:31 GMT
server: ECAcc (frc/4D08)
etag: "269b6c55466cf51072f191ac2be74169"
x-0-cache-hash: 35c641750b559d9c0817a4d68fbb72e241076cb5bc3805a754b0b5f90a855260
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: x5CD8xyg9dNkuRYCPtkEcK2_uoDKAKdc_61RFSYAxxNs2YUac2hCJw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 300x200_Blog_tiktok-1.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/06/ 11 KB
12 KB 85ms
79ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/06/300x200_Blog_tiktok-1.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C99) /

Resource Hash

30d43129b574f4fac7b014c9d2bfa306278e2898863420c5570b7a55610257e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:36:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 343615
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: aeb55f673b0f9c47e4afb1cba0008905b018040d4f6e4a27ef31beb2f45c3580
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=46
content-length: 11584
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 91703018276318403829893072065753660578
x-0-t: eh=8,ek=6,ect=3,ecc=hit
last-modified: Thu, 09 Jun 2022 18:44:53 GMT
server: ECAcc (frc/4C99)
etag: "c43c0deb31352d26402c87137f472e14"
x-0-cache-hash: aeb55f673b0f9c47e4afb1cba0008905b018040d4f6e4a27ef31beb2f45c3580
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 30ydUiYfefEizcB9ChQoIPn8YAXa6bEZ-evfMFktaJIHiqW2AJbH5w==
expires: Tue, 15 Nov 2022 11:46:29 GMT

GET
H2 200 300x200_Blog_childphones-1.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/06/ 10 KB
10 KB 85ms
80ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/06/300x200_Blog_childphones-1.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C87) /

Resource Hash

3fc414a0ae1021464164ee20393fbd17ab0046edf8be7aeec6e186a5f986cea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:36:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 343615
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 05f4df17780da4134e9536950d74404200d1358e43d83f68c68a2fc843b489ff
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=46
content-length: 9776
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 784187380652743381211377770457316100025
x-0-t: eh=8,ek=6,ect=3,ecc=hit
last-modified: Thu, 09 Jun 2022 18:55:58 GMT
server: ECAcc (frc/4C87)
etag: "a4dc9fcd6611c8cd1a73df4e5271235a"
x-0-cache-hash: 05f4df17780da4134e9536950d74404200d1358e43d83f68c68a2fc843b489ff
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: AdCMm-AMOvfm_cpJKVIo_6xV9lZMIxvo6VvRhEekEAMFhm9IpDss4Q==
expires: Tue, 15 Nov 2022 11:46:29 GMT

GET
H2 200 300x200_Blog_MFE_Blogs_051722_Blog-1.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/05/ 7 KB
8 KB 75ms
70ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/05/300x200_Blog_MFE_Blogs_051722_Blog-1.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAF) /

Resource Hash

25ee50380a78316f90371f2836a861dd57be75f2fa6ad98f562694adfdd0901c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:36:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 343615
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 57c0a2d32c0409d06c3b1ecb8970643deeacb0d83f7be7eecc03aaad4b48a8ea
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=41
content-length: 7134
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 669634390637830327413406844571062955228
x-0-t: eh=5,ek=4,ect=1,ecc=hit
last-modified: Thu, 19 May 2022 04:29:02 GMT
server: ECAcc (frc/4CAF)
etag: "386d66c33c0b8d8d4473988a9914bc58"
x-0-cache-hash: 57c0a2d32c0409d06c3b1ecb8970643deeacb0d83f7be7eecc03aaad4b48a8ea
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: max-age=31536000
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: e8Oq9BFgFvNAFObftgEniZY_Pn_ToEtlvpgKYHYjBrZreGILKYOLuw==
expires: Tue, 15 Nov 2022 11:46:29 GMT

GET
H2 200 300x200_Blog_backupday.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/03/ 8 KB
8 KB 39ms
34ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/03/300x200_Blog_backupday.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDF) /

Resource Hash

d878c25499f6df68615bca8b85c8ea900050d40fcc1453c4facf0bdf133aaec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 1263
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: c7d15e7d77ec4e4f96c2c1b9d14a9af257c896b35f5d621dd0b023711f00cc4e
x-cache: HIT
content-length: 7814
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 330757142790506261912981435785903603088
x-0-t: eh=537,ek=535,ect=531,ecc=miss,edt=528,edd=0,edf=527,dgpop=fll,gh=12,gct=11,gcc=miss,gdt=9,gdd=0,gdf=7
last-modified: Thu, 05 May 2022 13:35:12 GMT
server: ECAcc (frc/4CDF)
etag: "de50fb4e804d4612d015af8b16be168f"
x-0-cache-hash: c7d15e7d77ec4e4f96c2c1b9d14a9af257c896b35f5d621dd0b023711f00cc4e
x-0-caching-status: no-max-age
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: slWz0yt_-MtFvgnBfyXsyUkLaM03OMq9nTg4UqKGkQwimtdXlyqjeQ==
expires: Mon, 07 Nov 2022 19:19:34 GMT

GET
H2 200 300x200_Blog_ukrainescam.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/04/ 8 KB
9 KB 602ms
596ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/04/300x200_Blog_ukrainescam.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE7) /

Resource Hash

33f4cfce31eb8bdf380d7ab022c7f25fe8bac13f3a4607eac724d75fa74a65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 13:13:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 6610
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 9ccac5ff40fa494d0fc49b142e0a365b45efc839cbb6edec92b5b2bac954d66e
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=567
content-length: 8594
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 1087135159137501358217169744644310501626
x-0-t: eh=533,ek=530,ect=528,ecc=miss,edt=525,edd=0,edf=524,dgpop=fll,gh=9,gct=8,gcc=miss,gdt=4,gdd=0,gdf=3
last-modified: Thu, 05 May 2022 13:12:42 GMT
server: ECAcc (frc/4CE7)
etag: "b84e990c79334f9935dcb2f204a17029"
x-0-cache-hash: 9ccac5ff40fa494d0fc49b142e0a365b45efc839cbb6edec92b5b2bac954d66e
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: G5am5x-g4S-qiT-GLzoTA1TbXuvhAQrbQMMivU0kdf-k9TCJ3p5hYQ==
expires: Mon, 07 Nov 2022 16:32:55 GMT

GET
H2 200 300x200_Blog_scamparty.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/03/ 9 KB
10 KB 615ms
610ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/03/300x200_Blog_scamparty.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF4) /

Resource Hash

e7d47d41ed2bfca38c08c546c985599e8bee738a54d3e680d38b58e9f737e520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 18:00:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 75805
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: f798f526c5d7b5523b1e3b175535076b74d9132bdc5c7ed609f0d034482d68ca
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=579
content-length: 9432
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 6838602013755777291160658183170642115
x-0-t: eh=538,ek=536,ect=533,ecc=miss,edt=530,edd=0,edf=529,dgpop=fll,gh=14,gct=12,gcc=miss,gdt=10,gdd=0,gdf=8
last-modified: Thu, 21 Apr 2022 14:08:08 GMT
server: ECAcc (frc/4CF4)
etag: "5fa16d52a98b0d00e72346e19f98cb8a"
x-0-cache-hash: f798f526c5d7b5523b1e3b175535076b74d9132bdc5c7ed609f0d034482d68ca
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: e10ROOwkVFHShSGK3OEesjEqsyadX8p-XSWfWhrEW8HOGESqt1QLXQ==
expires: Wed, 09 Nov 2022 06:59:25 GMT

GET
H2 200 300x200_Blog_phonenotifications.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/02/ 10 KB
10 KB 610ms
606ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/02/300x200_Blog_phonenotifications.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE5) /

Resource Hash

dc043f2a44778d31ee700ab78a3805cfb4756f91fa34ef29919541488c9de674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 18:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 75761
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 3841099a469ef578c31ea7694430bfd92c77f9e528be544f8104a860d2d17c60
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=576
content-length: 10074
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 238355115165706951616115811846185990418
x-0-t: eh=530,ek=527,ect=525,ecc=miss,edt=522,edd=0,edf=521,dgpop=fll,gh=12,gct=11,gcc=miss,gdt=6,gdd=1,gdf=4
last-modified: Thu, 05 May 2022 13:32:35 GMT
server: ECAcc (frc/4CE5)
etag: "579c3418512929b2c70d1b2fd025039a"
x-0-cache-hash: 3841099a469ef578c31ea7694430bfd92c77f9e528be544f8104a860d2d17c60
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: uQ1cb_f9BYeA6AfHhaUTohlw-saGRRMIvovMDgDE1x97rA6NYtv59A==
expires: Wed, 09 Nov 2022 06:57:57 GMT

GET
H2 200 300x200_maskingIP.jpg
www.mcafee.com/blogs/wp-content/uploads/2022/02/ 12 KB
13 KB 613ms
609ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2022/02/300x200_maskingIP.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD9) /

Resource Hash

b7f2b6d7c3510789980ed6b0ee7741dc21ffed3a13a2ba7bb4566b569a49c598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 18:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 75761
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 057b609db47c48ee7a495b9af2a62890dc09cf9dda747a277dcb4d2f86d452cf
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=579
content-length: 12662
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 1210524452459491152843007927278286745
x-0-t: eh=534,ek=532,ect=529,ecc=miss,edt=525,edd=0,edf=524,dgpop=fll,gh=8,gct=7,gcc=miss,gdt=3,gdd=0,gdf=2
last-modified: Thu, 21 Apr 2022 15:09:10 GMT
server: ECAcc (frc/4CD9)
etag: "c3ad9e30865840d001f863e7b61e81b3"
x-0-cache-hash: 057b609db47c48ee7a495b9af2a62890dc09cf9dda747a277dcb4d2f86d452cf
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 6NPLD5NU2D9G60x_VfY93EysVyqNbrCYTwRLQI1KTT_hJ3m8PmeooA==
expires: Wed, 09 Nov 2022 06:57:57 GMT

GET
H2 200 logo-red.svg
www.mcafee.com/content/dam/consumer/en/company-logo/ 4 KB
2 KB 76ms
71ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/content/dam/consumer/en/company-logo/logo-red.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

d3704d9797dce227e5032123ba2c7744319bf51460b1f5a54e21ec3d9952004e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://pam.mcafee.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://pam.mcafee.com
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
date: Fri, 07 Oct 2022 12:52:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 267046
x-cache-key: a45c018f725981d033e04535782e09f39ddebca3efaf5f09eae029390ff25333
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%28.%2A%29.%28jpg%7Cjpeg%7Cpng%7Cgif%7Csvg%7Cico%7Cwebp%7Cimviewer%7Cmp4%7Cttf%7Cotf%7Cwoff%7Cwoff2%29%22%7D",edge;dur=41
content-length: 1414
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=origin
x-request-id: 22295199906647597621127561752553495974
x-0-t: eh=5,ek=3,ect=1,ecc=hit
last-modified: Wed, 28 Sep 2022 11:55:13 GMT
server: ECAcc (frc/4CD5)
etag: W/"e1a-5e9bb6ef682bb"
x-0-cache-hash: a45c018f725981d033e04535782e09f39ddebca3efaf5f09eae029390ff25333
vary: accept-encoding, user-agent
x-frame-options: DENY
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, max-age=2592000
x-matched-routes: 5,91
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-mcafee-cache: 365-days
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 backtotop.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 631ms
626ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/backtotop.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF4) /

Resource Hash

44a6addb012e85ee247ae07452582489aaa2a0054e45b0810a95108c68f744a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 10:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 16538
x-amz-cf-pop: MIA3-P3
x-cache-key: e8b4b0f4fdb5d2e7a07c9f989073f627cc7f87099a186303149d1bd27c1cede2
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=596
content-length: 1348
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 88366209738391452526669989972482882408
x-0-t: eh=564,ek=562,ect=559,ecc=pass,edt=555,edd=0,edf=555,dgpop=fll,gh=43,gct=41,gcc=pass,gdt=39,gdd=0,gdf=37
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CF4)
etag: "544-5e4368f2cd440"
x-0-cache-hash: e8b4b0f4fdb5d2e7a07c9f989073f627cc7f87099a186303149d1bd27c1cede2
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: B_2t1kxOkMqQA4qA7H6Ks3OLanEKIowdr_l8hXI2xrPx3rTiJsBZEg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 navigation.js Show response
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/ 2 KB
1003 B 53ms
52ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/navigation.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCD) /

Resource Hash

ff4f1d3b83b386fe368a36112d66e193f81a07d24e2d4f98312fcfb53360d5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:15 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267023
x-amz-cf-pop: MIA3-P3
x-cache-key: 4e9f20343153fbd81ab3b6c88d22b55535fec3346b65eca660b052e2a61fb835
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=38
content-length: 506
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 169789170466128556146660425734569495813
x-0-t: eh=3,ek=2,ect=0,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CCD)
etag: W/"651-5e4368f2cd440"
x-0-cache-hash: 4e9f20343153fbd81ab3b6c88d22b55535fec3346b65eca660b052e2a61fb835
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: aVPWeAhf4mixz8yShNDPI7th1EsvQglJJ0St7Vjh6vCvm1chkia3MA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 65ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6456824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R71Ojslwf5lnHDv%2FZYZXyWI3tD9irYPLZkTPqwnxYEsA4Wo67toy2ZN29S86pij8JUTZlh0Judi25kSZUPE78nnyuYfp2wMlYo%2BDXBXCxsFAj7%2BI0OWt21JrD9t2nIu4SbcgY8KELb%2FFEwslK5aXRpes"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75803e752fd79061-FRA
expires: Sat, 30 Sep 2023 15:03:39 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ 81 KB
23 KB 33ms
26ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17559694
x-jsd-version: 4.6.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19150-FRA, cache-hhn4065-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"14535-A2PLWLentg73+/gri862MFIyUBo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIL3H7DZAbbLDGyS%2FaAIvrz%2B7NKMWsnWMoQ6y4XOZv%2FXNnvmUC6UMcnuHUH5iZ5GHwMMj7sO%2BR9Z6%2ByY74nnpey%2F2zG2msFLxAx%2FuG8pto%2Fll%2F2CjP1P%2BHbTzJQpFuCtKIK0HVwcrpta4t06Qj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75803e751c80bb97-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 37ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?ver=10faaf528e636a046163bdb6753031b2

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17559720
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA, cache-hhn4058-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D90W0ZRccdolj9Gqp0Y8bZi6G8%2FXTprW%2BR2xTpZHcNqJb2mbAPg0hEmSeGlX8jXyd0wD7fgGKIMPkzVdFezGcTPFlDHtc9XejMizRQs9fmv8O96PQ%2B90ReIPEALYZy%2Fy27OgQFfh%2FWzEKOwNnOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75803e75281abbcb-FRA

GET
H2 200 launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js Show response
assets.adobedtm.com/ 335 KB
94 KB 215ms
58ms Script
application/x-javascript 2a02:26f0:3500:592::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6d4d659f4b34d65df2bfac351dda22f2a050352cbebf8f5df3fcb109018f945e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 21:15:50 GMT
server: AkamaiNetStorage
etag: "f4f97dfb86834a4f03017580725d0f33:1648761350.205862"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mcafee.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 95958
expires: Mon, 10 Oct 2022 16:03:39 GMT

GET
H2 200 mpp-frontend.js Show response
www.mcafee.com/blogs/wp-content/plugins/metronet-profile-picture/js/ 331 B
772 B 63ms
55ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFE) /

Resource Hash

b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:35:20 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 1698
x-amz-cf-pop: IAD89-P2
x-cache-key: 7b8c3bca8305c7e17e82a81bc0c0585db184421d00fbad85378513e1802c5bd6
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=41
content-length: 195
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 604520036536746203916468453225096605422
x-0-t: eh=6,ek=4,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CFE)
etag: W/"14b-5e4368f2cd440"
x-0-cache-hash: 7b8c3bca8305c7e17e82a81bc0c0585db184421d00fbad85378513e1802c5bd6
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: hDPsha834ctsV5tIl3k_kinvRMe55iDoJAtjxm1_rNyBM5gErGiDUA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 theme-script.js Show response
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/ 4 KB
2 KB 65ms
57ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/theme-script.js?ver=5.9.1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D07) /

Resource Hash

b5ef1c00425aca5499c3fa6e3ae78cecaa4682508e587b952780fccc7e8a2475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:28:56 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 2082
x-amz-cf-pop: MIA3-P3
x-cache-key: 93822de5467f00583167e29ee8a0fa57efe73c40a29ec4f66f8942fc24770814
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=42
content-length: 1099
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=blogsorigin
x-request-id: 103743808726812278801835861421830628062
x-0-t: eh=8,ek=6,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4D07)
etag: W/"e98-5e4368f2cd440"
x-0-cache-hash: 93822de5467f00583167e29ee8a0fa57efe73c40a29ec4f66f8942fc24770814
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: xjyUuuP9WOD7qJqEmkjoTjOz08vyZe-MuB0-7wUCEQOnVR_e63HPOA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/ 325 B
805 B 66ms
58ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/js/skip-link-focus-fix.min.js?ver=20151215

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD3) /

Resource Hash

53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:16 GMT
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267022
x-amz-cf-pop: MIA3-P3
x-cache-key: 00a53309b68fce1a0ece470a176678c30b8f28436b0226e8e9811090e0895176
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=43
content-length: 242
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 49201673470712838528137539979350904935
x-0-t: eh=9,ek=7,ect=3,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CD3)
etag: W/"145-5e4368f2cd440"
x-0-cache-hash: 00a53309b68fce1a0ece470a176678c30b8f28436b0226e8e9811090e0895176
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 4UXicSwaboPjz4lqraMiQn8qoXwg39eqOridKCJS8r5bFLF46kW5Aw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.mcafee.com/blogs/wp-includes/js/ 18 KB
5 KB 75ms
70ms Script
application/javascript 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-includes/js/wp-emoji-release.min.js?ver=5.9.1

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC0) /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:53:16 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 267022
x-amz-cf-pop: MIA3-P3
x-cache-key: 364ecf0961d557b2c30acd6cb3cc3d83590a36bc42586bffc96823729f36fc58
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=39
content-length: 4544
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 46378460205747694619466199151475321209
x-0-t: eh=4,ek=3,ect=1,ecc=hit
last-modified: Wed, 20 Jul 2022 06:17:46 GMT
server: ECAcc (frc/4CC0)
etag: W/"4705-5e4368f3c1680"
x-0-cache-hash: 364ecf0961d557b2c30acd6cb3cc3d83590a36bc42586bffc96823729f36fc58
vary: accept-encoding, user-agent
content-type: application/javascript
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: ok
cache-control: private, no-store, no-cache
x-matched-routes: 5,11,12,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: Rg-DF3pDfpcSkMAKp0iM1xVzVRIvzNtV2qjiooDbxopJVl6Cbv1RPA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 75ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/static_nav.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2458c6e69ec960015408bcff5b6e3c679da9a9e7cb3149cc810ef75158c0acf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 14:13:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H2 200 gray-arrowdwn.svg
www.mcafee.com/content/dam/en-us/test-assets/header-redesign/ 179 B
1016 B 57ms
57ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/content/dam/en-us/test-assets/header-redesign/gray-arrowdwn.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/static_nav.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA8) /

Resource Hash

2170edf920df8db1736b378cacb7cbbb19d9693f32a60348d31e285ab9744591

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://pam.mcafee.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/static_nav.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://pam.mcafee.com
content-encoding: gzip
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
date: Mon, 10 Oct 2022 14:34:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 1774
x-cache-key: 9334c843fc42c847d52b01fdf1bba61802b79904fecdebfeba562293b5a5e80d
server-timing: layer0-cache;desc="HIT-L1", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%28.%2A%29.%28jpg%7Cjpeg%7Cpng%7Cgif%7Csvg%7Cico%7Cwebp%7Cimviewer%7Cmp4%7Cttf%7Cotf%7Cwoff%7Cwoff2%29%22%7D",edge;dur=42
content-length: 162
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,ed=1.4.3,b=origin
x-request-id: 14771445426574034043134700720477642234
x-0-t: eh=4,ek=3,ect=1,ecc=hit
last-modified: Wed, 28 Sep 2022 15:59:36 GMT
server: ECAcc (frc/4CA8)
etag: W/"b3-5e9bed8f1b393"
x-0-cache-hash: 9334c843fc42c847d52b01fdf1bba61802b79904fecdebfeba562293b5a5e80d
vary: accept-encoding, user-agent
x-frame-options: DENY
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,ed=200
x-0-caching-status: ok
cache-control: private, max-age=2592000
x-matched-routes: 5,91
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-mcafee-cache: 365-days
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 blue-right-arrow.svg
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
1 KB 582ms
582ms Image
image/svg+xml 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/blue-right-arrow.svg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/newtheme-style.css?ver=5.6.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCD) /

Resource Hash

5d4ac009da7f99e32023b5d21c87939275d1561bf80e4737aa5d61beba675f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/newtheme-style.css?ver=5.6.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 15:56:06 GMT
content-encoding: br
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
strict-transport-security: max-age=31536000; includeSubDomains
age: 83253
x-amz-cf-pop: MIA3-P3
x-cache-key: 373d026f0721de30066bf914ad94d5be28d73988605b0ff420b5ae0bdb0d97e9
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=568
content-length: 652
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 409003881209068036213213285874728309254
x-0-t: eh=531,ek=529,ect=526,ecc=miss,edt=522,edd=1,edf=521,dgpop=fll,gh=9,gct=8,gcc=miss,gdt=6,gdd=0,gdf=5
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CCD)
etag: W/"534-5e4368f2cd440"
x-0-cache-hash: 373d026f0721de30066bf914ad94d5be28d73988605b0ff420b5ae0bdb0d97e9
vary: accept-encoding, user-agent
content-type: image/svg+xml
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: __KCJ2wZa82JAjaQ08BWAGlimzEsmr7hAOx7bwfuNzEs98uvnMmyBw==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 Social-Media-PF-Logo-Pic-300x300.jpg
www.mcafee.com/blogs/wp-content/uploads/2017/05/ 4 KB
4 KB 605ms
605ms Image
image/webp 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/2017/05/Social-Media-PF-Logo-Pic-300x300.jpg

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF1) /

Resource Hash

2b2584c0ca6ddbc47c0aa30d55c12aaab9230b50780e82e20a6bdfede185a6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:02:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
x-edgeio-status: OK
age: 28897
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 7554c49a51b646e11e289f57a8577819f48e42ac361163322d468a2856de9976
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=591
content-length: 3836
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 98357074767816569679751327233212178463
x-0-t: eh=539,ek=537,ect=534,ecc=miss,edt=529,edd=0,edf=528,dgpop=fll,gh=14,gct=12,gcc=miss,gdt=8,gdd=0,gdf=6
last-modified: Fri, 29 Apr 2022 08:23:38 GMT
server: ECAcc (frc/4CF1)
etag: "959e635d3c7543906656c94798a0b93b"
x-0-cache-hash: 7554c49a51b646e11e289f57a8577819f48e42ac361163322d468a2856de9976
vary: accept-encoding, user-agent
content-type: image/webp
x-0-status: s=200,s=304,eh=304,ek=304,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: uBuhGYe-LtEEG6ncnzyJisNLovDIp9_k_J8SCxXPFFGEU-7MrnmBGA==
expires: Tue, 08 Nov 2022 04:55:49 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 75ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 416318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:25:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 72ms
32ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 416318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:25:01 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 60ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 416319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:25:00 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
21ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7CWvMbuRjIfV5C8ObxIi7fjJ6hqOpcPU4aGxGLjVFkXL3uex%2BzdsbMEbhk9%2FaphbZyWenbzzKuIaMGIKBHPtI7q2ATHoL6KU7uVvFgUxnyqaPfLlTw90lbyynUu5PukE0dqv5EhNx5tgL%2FJCLzJ9Gbp"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75803e75a9269061-FRA
expires: Sat, 30 Sep 2023 15:03:39 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 62ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 416327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:24:52 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 57ms
18ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:45:32 GMT
x-content-type-options: nosniff
age: 454687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8712
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:45:32 GMT

GET
H2 200 opensans-regular-webfont.woff2
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/fonts/ 18 KB
19 KB 592ms
589ms Font
application/octet-stream 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/fonts/opensans-regular-webfont.woff2

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

50c8022116d8105e7c9af1cb08f1e21c26f3f8516875bba1013fe4cbdd166a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/main.min.css
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 21:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 64324
x-amz-cf-pop: MIA3-P3
x-cache-key: 95149c5b4fb008cf1c5f97778402a4629864f6361d9933b3e1fb2808096ed21f
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=575
content-length: 18612
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 165077258311755827569358872295497057259
x-0-t: eh=539,ek=537,ect=534,ecc=pass,edt=531,edd=1,edf=530,dgpop=fll,gh=14,gct=12,gcc=pass,gdt=8,gdd=0,gdf=6
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4C8D)
etag: "48b4-5e4368f2cd440"
x-0-cache-hash: 95149c5b4fb008cf1c5f97778402a4629864f6361d9933b3e1fb2808096ed21f
vary: accept-encoding, user-agent
x-0-caching-status: no-max-age
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: XsM52dSFLBT5vrQNguET5m6jWK9bC-faxeWkJwB7VmhnBje3ArLn2g==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 62ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:08:09 GMT
x-content-type-options: nosniff
age: 287730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 07:08:09 GMT

GET
H2 200 toxlogo-300x111.png
www.mcafee.com/blogs/wp-content/uploads/ 13 KB
14 KB 610ms
609ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/toxlogo-300x111.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC1) /

Resource Hash

9da2750af4886578418ae46988324591e00ddc2e34749dd929d54fe7d1f78352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 44150
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 6eb588723779e66919473c87bab83b5268f14c97a091a86b136ef424436f019a
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=595
content-length: 13324
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 779980051076733881110086382754784342522
x-0-t: eh=560,ek=559,ect=556,ecc=miss,edt=554,edd=0,edf=553,dgpop=fll,gh=42,gct=41,gcc=miss,gdt=37,gdd=0,gdf=35
last-modified: Sat, 30 Apr 2022 20:55:39 GMT
server: ECAcc (frc/4CC1)
etag: "a7465a758eaa3851bf5f486a02e190bd"
x-0-cache-hash: 6eb588723779e66919473c87bab83b5268f14c97a091a86b136ef424436f019a
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: RQQHqLXwwh8somn_Ilj_6zwUROhRT5FCLckENzWPBI-bTc7DW_QONA==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 tox2_1-1024x531.png
www.mcafee.com/blogs/wp-content/uploads/ 90 KB
91 KB 589ms
588ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/tox2_1-1024x531.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

42d305b1bb8127c61d5f9ba48f1cceeae017697e7bd476fab1d7444de102d423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 44150
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 7d2dea1a12505a84bc0c7e75304f2cb8841a2a7e27541ef1d38b277949a2bea1
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=575
content-length: 92127
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 171196994421663238439694394023491607329
x-0-t: eh=539,ek=537,ect=534,ecc=miss,edt=530,edd=0,edf=529,dgpop=fll,gh=18,gct=17,gcc=miss,gdt=11,gdd=0,gdf=9
last-modified: Sat, 30 Apr 2022 20:55:37 GMT
server: ECAcc (frc/4CD5)
etag: "b0bba0f6d0e6a596aa09571265bd3b28"
x-0-cache-hash: 7d2dea1a12505a84bc0c7e75304f2cb8841a2a7e27541ef1d38b277949a2bea1
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: _Tfx6szYyzpf6PgCZXgCq4jYHRBC26fv6pNHxwJq2l3k0QAnyInLLg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 TOX_config_screen1.png
www.mcafee.com/blogs/wp-content/uploads/ 119 KB
119 KB 1034ms
1033ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/TOX_config_screen1.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF8) /

Resource Hash

dd0f5b1254d79cce10a7cb18c74a7b5f85d8943374e7412d6f261b9bc246f880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 0
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 04e8f0ac1e3beed2b8779ee142db730cfcd4195d19672989ae9281b9c1ec95cb
x-cache: RefreshHit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=1016
content-length: 121415
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 367111925455428857611312728817782183018
x-0-t: eh=976,ek=974,ect=846,ecc=miss,edt=842,edd=0,edf=841,dgpop=fll,gh=329,gct=328,gcc=miss,gdt=325,gdd=0,gdf=324
last-modified: Sat, 30 Apr 2022 19:48:20 GMT
server: ECAcc (frc/4CF8)
etag: "5630214c7a00b6f8a38da70eb4c7695f"
x-0-cache-hash: 04e8f0ac1e3beed2b8779ee142db730cfcd4195d19672989ae9281b9c1ec95cb
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: 8ruo-_SxFKB3KAv-YSgpexqYiKy4plkhGwf25B-jxSqiKwFquWip-A==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 tox2_2-1024x630.png
www.mcafee.com/blogs/wp-content/uploads/ 129 KB
130 KB 743ms
742ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/tox2_2-1024x630.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF1) /

Resource Hash

23df0fa91ea2aeca2b1db40ad0dec5d84e9b91787e2a4fd3ec27aa2354e9a6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:47:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 44145
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 6ea202c9f3168832b829dceeb6aa842aca31f6a858ca349fc9de21fc899dbc5e
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=727
content-length: 132284
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 56607764126838652315891717680970463610
x-0-t: eh=693,ek=691,ect=562,ecc=miss,edt=559,edd=0,edf=558,dgpop=fll,gh=46,gct=45,gcc=miss,gdt=41,gdd=1,gdf=39
last-modified: Sat, 30 Apr 2022 20:55:38 GMT
server: ECAcc (frc/4CF1)
etag: "25899a8cd9c755bdbcb27299d8d4941a"
x-0-cache-hash: 6ea202c9f3168832b829dceeb6aa842aca31f6a858ca349fc9de21fc899dbc5e
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: pNrtwO_zJFsuYwcJSzwknohCcBF5x7NWcKiUEwTRyuApZbsohgkiRQ==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 TOX_download_virus_file.png
www.mcafee.com/blogs/wp-content/uploads/ 149 KB
150 KB 906ms
905ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/TOX_download_virus_file.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C96) /

Resource Hash

67b627b9d8b3bcd88516b64398532e4303657c479beec058b26646250fe9791c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 0
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 304db7a17ee74d81097cc594ce73a2d17e92ebef729bfabd10dfbde863107ae8
x-cache: RefreshHit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=891
content-length: 152670
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 1825025686950671941112734609110293138057
x-0-t: eh=857,ek=855,ect=853,ecc=miss,edt=850,edd=0,edf=849,dgpop=fll,gh=334,gct=333,gcc=miss,gdt=330,gdd=1,gdf=328
last-modified: Sat, 30 Apr 2022 19:48:22 GMT
server: ECAcc (frc/4C96)
etag: "7ea13335fdeab6d20d0f8781d9aa8adc"
x-0-cache-hash: 304db7a17ee74d81097cc594ce73a2d17e92ebef729bfabd10dfbde863107ae8
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: w51B-9b9OQ3zwM42sgfJENtpIlx8hPIDpBrgesTbC969nTy8HIIm8w==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 TOX_client_exe_1-1024x618.png
www.mcafee.com/blogs/wp-content/uploads/ 372 KB
373 KB 969ms
968ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/uploads/TOX_client_exe_1-1024x618.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

d9d2ee43226d548a07aa97187eec754b899087dc58c1bb601f2ea6dd4151ed53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 0
x-amz-cf-pop: MIA3-P3
x-amz-server-side-encryption: AES256
x-cache-key: 68e9306923c3df1d8edf2b1854bb898055b8fd7f8a52d7ce11dbf889551ce22a
x-cache: Miss from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=954
content-length: 381042
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 176362190996492439931749592508792883959
x-0-t: eh=917,ek=915,ect=912,ecc=miss,edt=909,edd=0,edf=908,dgpop=fll,gh=394,gct=391,gcc=miss,gdt=387,gdd=0,gdf=385
last-modified: Sat, 30 Apr 2022 19:48:17 GMT
server: ECAcc (frc/4CA9)
etag: "045a61c2feb7c6f828723ca962f45c54"
x-0-cache-hash: 68e9306923c3df1d8edf2b1854bb898055b8fd7f8a52d7ce11dbf889551ce22a
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: iB3ECk47qYnGrJXkzFfwAwqpJKNAMD-I0ygVuQy0VTiJERB6xGi36A==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 51ms
18ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gxJ5mJFEfso2ws5W5i4K/7iIOFsyWcc2HNeVinVyuq4yCs9ujnTx3RS2Q8r9Lc75xYsrqfLnJxZRKja3RN0v8Q==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 184ms
58ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67340
accept-ranges: bytes
content-length: 3063

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 75ms
21ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kjyo7100153-IAD, cache-hhn11570-HHN

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 96ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 core.e18d3993.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 58ms
37ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.e18d3993.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36925e7859abeeb8681d694d702e00b1fbba6f37ac49b11e8f863ed24507ca6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
Origin: https://www.mcafee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2217008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Sep 2022 00:56:46 GMT
server: cloudflare
etag: W/"11891-5e7bb52267bff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 75803e7638ab693f-FRA

GET
H3 200 448732493334171 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 104ms
85ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448732493334171?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f220e2dc4fd32bcb6097a7d0990c19966d769f3c2483a513ad3b6f9d3742d9b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cmJIPzcY23ErfwQt52QqAJWw+2x2xA4zyjiPdFe3BLImNtrnWQC08c93zQBKq7L0u3FLL1+T6uPBlj5FilUNVw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 157ms
118ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f37d5c69-e5e9-400c-8420-182837c4b9de&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=400388a3-cad2-4da9-8588-bb02df9dfb80&tw_document_href=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlgc&type=javascript&version=2.3.27

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2f92bba522a57ba
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c5d0fb5c9143240586c586cb675029a02a36de7437efc0a4ba2436f4b9916843
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 159ms
121ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f37d5c69-e5e9-400c-8420-182837c4b9de&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=400388a3-cad2-4da9-8588-bb02df9dfb80&tw_document_href=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlgc&type=javascript&version=2.3.27

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 10 Oct 2022 15:03:38 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 03c745e83518b0e7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e100e79a023333f9ced40016135863790a6f073c31900ed96cf8a1d764f2ddfa
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975085349/ 2 KB
2 KB 72ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975085349/?random=1665414219270&cv=9&fst=1665414219270&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d94147f908f660d451621484e774388b2b9e3a01592bfafe9c1a6b7f15aa95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975085349/ 42 B
548 B 70ms
27ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975085349/?random=1665414219270&cv=9&fst=1665414000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&fmt=3&is_vtc=1&random=1544364140&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975085349/ 42 B
548 B 76ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975085349/?random=1665414219270&cv=9&fst=1665414000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&fmt=3&is_vtc=1&random=1544364140&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D68395%26time%3D1665414219353%26url%3Dhttps%253A%252F%252Fwww.mcafee.com%252Fblogs...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=tru...

0
265 B

172ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=true&e_ipv6=AQIFF0oxSU8U2gAAAYPCbEfOAH3utpHzh0mEo7YV8AWTj9wU-pIcX1l0LoLuzDybLQBKUYJyDxrUeTs4R4eFfOlZXXFj
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D82DAFDCB2D8467BA0CF0FB879FF0CC8 Ref B: FRAEDGE1117 Ref C: 2022-10-10T15:03:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqr3b7Kghm2Pf2VHf81A==

Redirect headers

date: Mon, 10 Oct 2022 15:03:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AE9B33854E9240BC82D180649147805C Ref B: FRAEDGE1313 Ref C: 2022-10-10T15:03:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68395&time=1665414219353&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&liSync=true&e_ipv6=AQIFF0oxSU8U2gAAAYPCbEfOAH3utpHzh0mEo7YV8AWTj9wU-pIcX1l0LoLuzDybLQBKUYJyDxrUeTs4R4eFfOlZXXFj
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqr3b4SyDD1LJFADhAKQ==

GET
H3 200 187610925152304 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/187610925152304?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d585297c70c75e9cc83fa3f363b5e833b645c3fc25f858765aeec296d4d4dac1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JxClVQBmRQDAVt6brpz5uE06gN6K4lEaIFHOh3qiE8RU8/OKUgAi4sTyRK3ukW7GxvIxoccTpG+2feVouTI0iQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=448732493334171&ev=PageView&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=166541421939...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&ec=0&ev=PageView&fbp=fb.1.1665414219394.171869826...

0
18 B

33ms
15ms

Image
text/plain

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&ec=0&ev=PageView&fbp=fb.1.1665414219394.1718698263&id=448732493334171&if=false&it=1665414219236&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1665414219396&v=2.9.84

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&ec=0&ev=PageView&fbp=fb.1.1665414219394.1718698263&id=448732493334171&if=false&it=1665414219236&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1665414219396&v=2.9.84
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 526 B
1 KB 572ms
156ms XHR
application/json 52.30.140.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A729776A5245B1590A490D44%40AdobeOrg&d_nsid=0&ts=1665414219448

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.140.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-140-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5a5ca36882d71fe5b91eabe8e1c1f2ff0fe90eb0a578352fe171a04cb40c29a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v044-02e7166cb.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: t6B+9CWdQLk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.mcafee.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 361
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 33 KB
12 KB 61ms
61ms Script
application/x-javascript 2a02:26f0:3500:592::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "41f1b46329a6056c0f2c993498eda989:1591133412.019903"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mcafee.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12161
expires: Mon, 10 Oct 2022 16:03:39 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 3 KB
2 KB 62ms
62ms Script
application/x-javascript 2a02:26f0:3500:592::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "e9aa55ef8b40a205f86b54789b37de5c:1591133412.323749"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mcafee.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1607
expires: Mon, 10 Oct 2022 16:03:39 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 25 KB
9 KB 66ms
65ms Script
application/x-javascript 2a02:26f0:3500:592::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "7324535d27629ca693bad7fd0da315ea:1591133412.560246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mcafee.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8764
expires: Mon, 10 Oct 2022 16:03:39 GMT

GET
H/1.1 204
No Content / Show response
api2932.d41.co/sync/ 0
506 B 537ms
116ms Script
text/plain 52.201.98.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api2932.d41.co/sync/

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.98.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-98-245.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 15:03:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
access-control-allow-origin: https://www.mcafee.com
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v4.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 71ms
18ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 10 Oct 2022 15:03:15 GMT
Via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 86
ETag: "c5b0d60b7c887bcae6d8897835a15d14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76079
X-Amz-Cf-Id: kgkJCbYJaOVT6Z-18JHf3zPw3vVEm09zsKxtz_SQOqO3o_Q9wBwJGg==

GET
H3 200 766537420057144 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/766537420057144?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc698829ada2c532110e2d8ceebb401c2938a1559500b5e7660e784d04dc9f10

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: c7BMPvhaevsqTcceZ0foIKWbcMJ8kBLN8TIvQC0yKUkuM/6YmhDRWpFLVqu9ip2FQEujN9MkL/MejsC89edwag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 25ms
18ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187610925152304&ev=PageView&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=1665414219490&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665414219394.1718698263&it=1665414219236&coo=false&rqm=GET

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK api Show response
api2932.d41.co/ 55 B
605 B 382ms
116ms Fetch
application/json 52.201.98.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api2932.d41.co/api?req=api2932&form=json

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.98.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-98-245.compute-1.amazonaws.com

Software

Resource Hash

24937d7140dbec8f50327bcb6e1cd2c815ddb0b4831ab59b8253ea6838aa8a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 15:03:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
access-control-allow-origin: https://www.mcafee.com
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 55
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 76ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57bd7ccf2632d76d484d7c9f1aca765eb5485b0cd68d3c9612b6a7703ae3522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 2 KB
1 KB 96ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414219587&cv=9&fst=1665414219270&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724f1a24cc337143ebe4f6226df6bce313fa1f2e9bc2ab1199e033c5d109e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 99ms
36ms Script
text/javascript 2606:4700:4400::ac40:91d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 430
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 75803e78efde9031-FRA
expires: Mon, 10 Oct 2022 15:06:29 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 245 KB
50 KB 63ms
31ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7a4f6545c815c9e3b697e47de1e576108af1674f30335d4b89af9bb0c8153a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 14:01:58 GMT
server: AkamaiNetStorage
etag: "45604bd520435177bfff87e95955fd13:1664373718.012445"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 50751
expires: Mon, 10 Oct 2022 15:08:39 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 16ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=766537420057144&ev=PageView&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=1665414219592&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665414219394.1718698263&it=1665414219236&coo=false&rqm=GET

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 55ms
37ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.e18d3993.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2217376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 75803e78abd191f3-FRA

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame F694 741 B
655 B 84ms
68ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2217376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 75803e78abd491f3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 10 Oct 2022 15:03:39 GMT
etag: W/"2e5-5cc9e128a4c38"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff

GET
H2 200 slider-right-arrow.png
www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/ 1 KB
2 KB 606ms
605ms Image
image/png 64.12.16.2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/slider-right-arrow.png

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/newtheme-style.css?ver=5.6.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.12.16.2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

fa251403ac153674157ed78351b757b362f9e0be8f6c5d595962b9033e488d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/css/newtheme-style.css?ver=5.6.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 22:06:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/1.1 Kolben,1.1 varnish (Varnish/6.6), HTTP/1.1 Layer0
age: 61002
x-amz-cf-pop: MIA3-P3
x-cache-key: b630bda67f21a0a2fde21299de4e5540835ae47063fbce2c3a1a897b9e6db696
x-cache: Hit from cloudfront
server-timing: layer0-cache;desc="MISS", edge_pop;desc=ber, country;desc=US, xrj;desc="%7B%22path%22%3A%22%2Fblogs%2F%28.%2A%29%3F%22%7D",edge;dur=590
content-length: 1385
x-0-components: eh=0.4.0,ek=0.3.1,c=4.19.2,e=ber,ec=1.9.3,ed=1.4.3,gh=0.4.0,g=fll,gd=1.4.3,b=blogsorigin
x-request-id: 518763019945933398315568302251583889776
x-0-t: eh=556,ek=553,ect=550,ecc=pass,edt=548,edd=0,edf=546,dgpop=fll,gh=35,gct=34,gcc=pass,gdt=30,gdd=0,gdf=28
last-modified: Wed, 20 Jul 2022 06:17:45 GMT
server: ECAcc (frc/4CCC)
etag: "569-5e4368f2cd440"
x-0-cache-hash: b630bda67f21a0a2fde21299de4e5540835ae47063fbce2c3a1a897b9e6db696
vary: accept-encoding, user-agent
content-type: image/png
x-0-status: s=200,eh=200,ek=200,ed=200,gh=200,gd=200
x-0-caching-status: no-max-age
x-matched-routes: 5,83
accept-ranges: bytes
x-0-version: 285 4.19.2 19 2022-10-07T12:52:37.834Z 1.7.0
x-0-surrogate-key
x-amz-cf-id: RMMECdCIfQZwkNBgJg6CL-q2KarPJKIGWh7WbV5QQhA_8fLegFGrlg==
expires: Mon, 07 Nov 2022 12:52:37 GMT

GET
H2 200 utag.currency.js Show response
tags.tiqcdn.com/utag/tiqapp/ 3 KB
2 KB 24ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.currency.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7158a94519124e54e74cd6b5cc8dec8b51c1678d9855856ada2b4aed4a2c3ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 01:00:06 GMT
server: AkamaiNetStorage
etag: "57efe0094963a0a4ee4e7ca871776516:1664845206.980365"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1750
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.276.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 34 KB
5 KB 22ms
20ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.276.js?utv=ut4.39.202207280846
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03cb83fe07a916614f3ce8b33a1727c9b0ae141e1fefbcdc33cd322703e21c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 06:17:59 GMT
server: AkamaiNetStorage
etag: "af10e0d0150e68ed8f36117e4d6337d0:1658297879.286928"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 5275
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.331.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 6 KB
2 KB 20ms
18ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.331.js?utv=ut4.39.202206151424
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ea2fcfa550c8e004fc94f03166e8d8da9a87e9770b21a30146af7f7297735407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 08:45:24 GMT
server: AkamaiNetStorage
etag: "59b591af9c74eed7eeee7eb9933434aa:1640076324.779275"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2298
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.356.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 106 KB
27 KB 31ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.356.js?utv=ut4.39.202209281401
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c589952098842e06f3b169d1c5439e1908b241b55644f81cb5a8d9e0e4f0b49e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Fri, 09 Sep 2022 09:36:29 GMT
server: AkamaiNetStorage
etag: "ebcf6f3304a0738c4c256e8ec6b98245:1662716189.608877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 27143
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.444.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 19 KB
6 KB 24ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.444.js?utv=ut4.39.202204270556
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc2a9ed4988e65c35ca3723e7b6941441eb3cdffb9c054fd02827e794470675f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 09:32:59 GMT
server: AkamaiNetStorage
etag: "b2cb1df33dd6b8a4f10369db69c7e7dd:1632130379.813891"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6343
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.476.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 10 KB
3 KB 22ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.476.js?utv=ut4.39.202006041316
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: afca21f08d9897df9297beb699529b4a5e361fdb2e3ab514cbaea7c0f92d1e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 10:34:56 GMT
server: AkamaiNetStorage
etag: "6b2903b10789da4d6134a59bb1fc8a49:1572518096.337345"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2366
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.515.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 24ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.515.js?utv=ut4.39.202010011046
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71d42e52ca35bfa15765b9b71e93054a357efb81f54b0bd578285acaeee52c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 12:04:49 GMT
server: AkamaiNetStorage
etag: "7365d951d30f1fa9668d0437fedeb4e3:1595505889.289423"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1048
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.518.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 4 KB
2 KB 26ms
25ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.518.js?utv=ut4.39.202209131210
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c89216f71c61ef90798e0ca2055716b1ca1b22cbb30b2e8984050ae06acc778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 12:45:08 GMT
server: AkamaiNetStorage
etag: "7cc04aa651cce060d80e6babeafad2bf:1654778708.036164"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2120
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.521.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 10 KB
3 KB 28ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.521.js?utv=ut4.39.202010011046
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3f1594b4a09de7b05aba88a7e26812cd1f4e178604947531bf76f9d863cbb4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 10:59:20 GMT
server: AkamaiNetStorage
etag: "c09f093e0e4ce83103416febd13a6294:1594810760.535353"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3237
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.523.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 30ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.523.js?utv=ut4.39.202201051242
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 27dc4635c254b8aa1eacc62b7819be57d827b663d41793078443ae7531d17f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 12:46:09 GMT
server: AkamaiNetStorage
etag: "fb30f56886da031845524ee15f427821:1598532369.53687"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1163
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.531.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 10 KB
3 KB 34ms
33ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.531.js?utv=ut4.39.202202081111
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cce031204e7dbe0400e16e76e68fd3c571b8c750eff6e4fcbd5e55f68534c442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 04:25:45 GMT
server: AkamaiNetStorage
etag: "3a9ced3787ddb191062f19331c8d30bd:1606796745.86938"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3239
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H2 200 utag.537.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 3 KB
2 KB 35ms
34ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.537.js?utv=ut4.39.202012161058
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9f5a72ce12e3919467065700621f04a38ee421e307261fb75ba1f71355f01c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 13:17:10 GMT
server: AkamaiNetStorage
etag: "8b5d313be7f848419f47125d0c6664fd:1602681430.396878"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1538
expires: Tue, 25 Oct 2022 15:03:39 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 62ms
28ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414219587&cv=9&fst=1665414000000&num=2&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&fmt=3&is_vtc=1&random=3857923733&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 61ms
27ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414219587&cv=9&fst=1665414000000&num=2&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&fmt=3&is_vtc=1&random=3857923733&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
324 B 437ms
104ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=1259816&version=2.1.1&ref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&r=1665414219776
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 15:03:40 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
Server: Apache/2.4.6 (CentOS)
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 68ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35949610-14&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

336c8868b433ea4d6f95e9a19220cc4b04ecbd4d970da47a0f04ad3b2bd78373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 87ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5471927&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

225653df4e8975065b86c8906429d60e04cedd47d629b96778073ce06b17636c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 83ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-597407903&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25bae9a3f1178f66a119d0fa96d7783c031c94b8aefbf27dcaba58ccb8eedf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 76ms
43ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H2 200 adsct
t.co/i/ 43 B
117 B 131ms
131ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=00a885f5-eeee-4411-9e39-c5b904b6c62d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=400388a3-cad2-4da9-8588-bb02df9dfb80&tw_document_href=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlgc&type=javascript&version=2.3.27

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 115
date: Mon, 10 Oct 2022 15:03:38 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b93e447df3abdc00
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c5d0fb5c9143240586c586cb675029a02a36de7437efc0a4ba2436f4b9916843
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
117 B 125ms
124ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=00a885f5-eeee-4411-9e39-c5b904b6c62d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=400388a3-cad2-4da9-8588-bb02df9dfb80&tw_document_href=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlgc&type=javascript&version=2.3.27

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4e73e63bbfc0c25c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e100e79a023333f9ced40016135863790a6f073c31900ed96cf8a1d764f2ddfa
content-length: 43

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 439ms
114ms Script
text/javascript 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.515.js?utv=ut4.39.202010011046
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: 963593d09bdf08f5209b30d3dea02ad057e1b855c2fcfadcbd0a9b20d4b515f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Oct 2022 15:03:40 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5408
Content-Type: text/javascript

POST
H/1.1 201
Created messages Show response
cu1pehnsweb01.servicebus.windows.net/webp32h01/ 0
309 B 693ms
167ms XHR
application/xml 104.208.16.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cu1pehnsweb01.servicebus.windows.net/webp32h01/messages?timeout=60&api-version=2014-01

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.276.js?utv=ut4.39.202207280846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.208.16.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
type: entry
Authorization: SharedAccessSignature sr=http%3a%2f%2fcu1pehnsweb01.servicebus.windows.net%2fwebp32h01&sig=egeBP80h1RMGKxIU3lvC2c7N8fqicJTBSJTk9weZQwA%3d&se=2188580224&skn=webp32h01send
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.mcafee.com
Strict-Transport-Security: max-age=31536000
Date: Mon, 10 Oct 2022 15:03:40 GMT
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
cu1pehnsweb01.servicebus.windows.net/webp32h01/ Frame 0
0 545ms
131ms Preflight 104.208.16.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cu1pehnsweb01.servicebus.windows.net/webp32h01/messages?timeout=60&api-version=2014-01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.208.16.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,type
Access-Control-Request-Method: POST
Origin: https://www.mcafee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.mcafee.com
Access-Control-Max-Age: 3600
Content-Length: 0
Date: Mon, 10 Oct 2022 15:03:40 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 45ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-614089511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62966fff4ca3257242f7a077450e0ad75d6ae00ee40dad9735a591365b0c7f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 57ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-614089511

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.521.js?utv=ut4.39.202010011046

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecbe58caee3c292d5c67f784fed30b772fc615c2a7bf5cd1b2ba6954807e695b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H2 200 star.gif
jelly.mdhv.io/v1/ 43 B
235 B 183ms
124ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly.mdhv.io/v1/star.gif?pid=Fm4ZsumnWdLJITEAOIqxG583lBzi&src=mh&evt=hi&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&_rnd=0.2709077570097971
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2015.1e100.net
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 6994f02878cbee1e62655325cdba620e
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

GET
H3 200 577185772377767 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/577185772377767?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8fb2dd6e45d7c477685ee1cbd387132ef477afe22590abf8019b6d7478722d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86426
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iSXrNJTrHjDRMyCmjEdWCpEoek32MgApmfYSwDnJxQOd7qCFsf/gAeNsqE57D3EUj1OlQaetO6lfwyhiFls5hA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1eb8bd09b246.js Show response
w.usabilla.com/ Frame 11FD 245 KB
26 KB 143ms
43ms Script
text/javascript 34.254.43.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/1eb8bd09b246.js?lv=1
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.43.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-43-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c5a1a793d0070444a8219d1f5e652d54f9915bc2cacee7cddff002054b020e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "fa9e81f0491022e29b5477a4f1d59702"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 26710

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 53ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740246542&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976855902&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a6449f039c57f1f5fab1b5dd75c1fc0db4266cb4e5f113a5435eba470a1237b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 62619
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 15:03:39 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 72ms
16ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 17 Oct 2022 15:03:39 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
216 B 17ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mcafee/consumer-main/202209281401&cb=1665414219824
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 10 Oct 2022 15:03:39 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 10 Oct 2022 15:13:39 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 16ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=577185772377767&ev=PageView&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=1665414219843&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665414219394.1718698263&it=1665414219236&coo=false&rqm=GET

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 17ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=577185772377767&ev=ViewContent&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&rl=&if=false&ts=1665414219844&cd[content_type]=product&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665414219394.1718698263&it=1665414219236&coo=false&tm=1&rqm=GET

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 15:03:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414219882&cv=9&fst=1665414219882&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

730c8c0f3f86dec1e28bd37626f502f289bf3a6187a977d93783f8ef81196824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1206
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-hvA1U3-AR_BCf.js Show response
rules.quantcount.com/ 3 KB
2 KB 72ms
17ms Script
application/javascript 2600:9000:20eb:f600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-hvA1U3-AR_BCf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 399be28131d1a20656566d51786ebbd615d989571a619d09b1c7269d47b662e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:52:41 GMT
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 733
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 26 Aug 2022 15:31:32 GMT
server: AmazonS3
etag: W/"fb62258b2f69b531facfcd8ad28c5147"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: XcCQicV_6xqNhyfbt4GtkI4U1kwZJOY8Yz4HTM8j4mQsbwGzhyc68Q==

GET
H2 200 pixel;r=2047979493;source=TLM;rf=3;a=p-hvA1U3-AR_BCf;url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us;uht=2;fpan=1;fpa=P0-1026004482-166...
pixel.quantserve.com/ 35 B
372 B 53ms
19ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2047979493;source=TLM;rf=3;a=p-hvA1U3-AR_BCf;url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us;uht=2;fpan=1;fpa=P0-1026004482-1665414219890;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=mcafee.com;dst=0;et=1665414219890;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Meet%20'Tox'%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog%2Cdescription.Similar%20to%20other%20threats%252C%20ransomware%20has%20now%20appeared%20in%20an%20easy-to-deploy%20cyber%2Curl.https%3A%2F%2Fwww%252Emcafee%252Ecom%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the%2Csite_name.McAfee%20Blog%2Cimage.https%3A%2F%2Fsecuringtomorrow%252Emcafee%252Ecom%2Fwp-content%2Fuploads%2Ftoxlogo-300x111%252Epng;ses=dd2fc0a0-2d64-42df-9699-8112ccf71c98

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 2 KB
1 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414219911&cv=9&fst=1665414219911&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6db9b9217f47a33b3e2cecfff64756760b85311e2382d782b62235524047957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8A43 0
15 B 16ms
15ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.mcafee.com
Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.mcafee.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 15:03:39 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35949610-14&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 15:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 17:01:59 GMT

GET
H2

200

dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=*;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=5471927;type=;cat=;gtm=2oda50;auiddc=1174185438.1665414220;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-t...
https://ad.doubleclick.net/activity;dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=1174185438.1665414220;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafe...
https://adservice.google.com/ddm/fls/z/dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=*;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox...

42 B
494 B

96ms
51ms

Image
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=*;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CKmH9bf31foCFflIHgId7Q8Jyw;src=5471927;type=;cat=;gtm=2oda50;auiddc=*;~oref=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/614089511/ 2 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/614089511/?random=1665414219973&cv=9&fst=1665414219973&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3beb2f356d5477f807eeac0e53e226b34636732156725fe120779fa2fcca997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/597407903/ 3 KB
1 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597407903/?random=1665414219982&cv=9&fst=1665414219982&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7691897963f000d5bce82a792d3892ca5ad1f6e2fc99d6e574bef28705b89dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 2 KB
1 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1665414219984&cv=9&fst=1665414219984&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b1d8b5ad13993a15df60c3abb8a2acb31414e12bfccff142fbb1e2c9303f910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 2 KB
1 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1665414219985&cv=9&fst=1665414219985&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbde8adcf9baf1fdc811129d4d9c05e320bc8245cb1aaacca904404b8881dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 31ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414219882&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=4033431360&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414219882&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=4033431360&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
548 B 70ms
15ms Image
image/gif 2600:9000:20eb:a400:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=903152062;fpan=0;fpa=P0-1026004482-1665414219890;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=mcafee.com;dst=0;et=1665414219992;tzo=0;url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us;ogl=locale.en_US%2Ctype.article%2Ctitle.Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog%2Cdescription.Similar%20to%20other%20threats%252C%20ransomware%20has%20now%20appeared%20in%20an%20easy-to-deploy%20cyber%2Curl.https%3A%2F%2Fwww%252Emcafee%252Ecom%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the%2Csite_name.McAfee%20Blog%2Cimage.https%3A%2F%2Fsecuringtomorrow%252Emcafee%252Ecom%2Fwp-content%2Fuploads%2Ftoxlogo-300x111%252Epng

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:a400:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:01:57 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C1
age: 46904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: oY0yaKXsHq_aAYE0HR0eI-9no_EONN_y5XY4iwpRq-z-oCVd57O9tQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414219911&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1192284314&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414219911&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1192284314&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 2 KB
1 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414220009&cv=9&fst=1665414220009&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7908ab4142618119b4b0251af1eae1c2f647cd5df56bafd53616f6d5a0a8f4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 2 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1665414220016&cv=9&fst=1665414220016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8e9740b247c9eda5f786d8bbfb93c336bb6d1848ac9e80ffc65cf38f37454bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0E8F 0
15 B 17ms
16ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.mcafee.com
Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.mcafee.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 15:03:40 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
23ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1871457668&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&ul=en-us&de=UTF-8&dt=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABBAAAACAAI~&jid=982228207&gjid=4465323&cid=262455932.1665414220&tid=UA-35949610-14&_gid=574775106.1665414220&_r=1&gtm=2oua50&cd1=na&cd2=us&cd3=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&cd9=&cd10=meet-tox-ransomware-for-the-rest-of-us&cd13=&cd16=McAfee%20Labs&cd17=May%2023%2C%202015&cg1=blogs&cg2=other-blogs&cg3=mcafee-labs&cg4=meet-tox-ransomware-for-the-rest-of-us&z=998845515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mcafee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
mcafeeinc.demdex.net/ Frame ABC4 7 KB
3 KB 1045ms
167ms Document
text/html 52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcafeeinc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-0f3529585.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GdBzVqKIQ40=
content-encoding: gzip
date: Mon, 10 Oct 2022 15:03:41 GMT
last-modified: Thu, 29 Sep 2022 16:18:55 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.mcafee.com/ 48 B
456 B 1709ms
159ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.mcafee.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=A729776A5245B1590A490D44%40AdobeOrg&mid=71722430509104214510917524073726512004&ts=1665414220038

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c6095a580b92df14dd13b642752146e45a89e10fd0673a1986be8deda0e23b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Oct 2022 15:03:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.mcafee.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y0Q0TAAAAEdp0wOY
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=75450410271991590300542121439103635641
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0Q0TAAAAEdp0wOY

42 B
942 B

124ms
124ms

Image
image/gif

52.30.140.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0Q0TAAAAEdp0wOY

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

HTTP/1.1

Server

52.30.140.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-140-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0eb4cc283.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MnD2kQm1Q7I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0Q0TAAAAEdp0wOY
Date: Mon, 10 Oct 2022 15:03:40 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 /
www.google.com/pagead/1p-user-list/614089511/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/614089511/?random=1665414219973&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1996543532&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/614089511/ 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/614089511/?random=1665414219973&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1996543532&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1665414219985&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1665457913&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740246542/ 42 B
64 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740246542/?random=1665414219985&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1665457913&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/597407903/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/597407903/?random=1665414219982&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=4101710795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/597407903/ 42 B
64 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/597407903/?random=1665414219982&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dpage_view%3Bsent_to%3DUA-35949610-14%3Bcontent_group1%3Dblogs%3Bcontent_group2%3Dother-blogs%3Bcontent_group3%3Dmcafee-labs%3Bcontent_group4%3Dmeet-tox-ransomware-for-the-rest-of-us%3Bauthor%3DMcAfee%20Labs%3BpubDate%3DMay%2023%5C%2C%202015%3BvisitorType%3D&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=4101710795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1665414219984&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2917873119&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740246542/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740246542/?random=1665414219984&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2917873119&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 92ms
30ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35949610-14&cid=262455932.1665414220&jid=982228207&gjid=4465323&_gid=574775106.1665414220&_u=4GBACUAABAAAACAAI~&z=1889731476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mcafee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mcafee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 2 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414220102&cv=9&fst=1665414220102&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7ce9895e293e7cf1beb52a5f10f4287ece491cfae2bd35f9017cae18d9177ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 2 KB
1 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1665414220107&cv=9&fst=1665414220107&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b845f8e3fcdf6544e5c03d9e3313ff15a736342aaf3ae1aad18a84ee290333d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 303F 0
15 B 17ms
15ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.mcafee.com
Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.mcafee.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 15:03:40 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414220009&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3218251288&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414220009&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3218251288&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1665414220016&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2621407359&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740246542/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740246542/?random=1665414220016&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2621407359&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35949610-14&cid=262455932.1665414220&jid=982228207&_u=4GBACUAABAAAACAAI~&z=592254119

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35949610-14&cid=262455932.1665414220&jid=982228207&_u=4GBACUAABAAAACAAI~&z=592254119

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 31ms
29ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1665414220107&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3032886438&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740246542/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740246542/?random=1665414220107&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3032886438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414220102&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3663121693&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414220102&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=3663121693&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 106ms
106ms Stylesheet
text/css 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: 74e8e82b9965ea90fc0b6ca79e6bf466f9eecc9e14ce9b51d43e6ce5a066feb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Oct 2022 15:03:40 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 424ms
106ms Fetch
image/jpeg 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Oct 2022 15:03:40 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/ 2 KB
1 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976855902/?random=1665414220355&cv=9&fst=1665414220355&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb672f1c8b08afd23ab4e6a0e80333fc6192cbcb81df02c8213ee0d0f6a5af0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 2 KB
1 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1665414220359&cv=9&fst=1665414220359&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&auid=1174185438.1665414220&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d65cfd62add018801e59bf150cd33c09604cb967733095825892ae73266be8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8BBB 0
15 B 16ms
16ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.mcafee.com
Referer: https://www.mcafee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.mcafee.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 15:03:40 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 /
www.google.com/pagead/1p-user-list/976855902/ 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976855902/?random=1665414220355&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1093228851&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976855902/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976855902/?random=1665414220355&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=1093228851&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1665414220359&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2038531395&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740246542/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740246542/?random=1665414220359&cv=9&fst=1665414000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&tiba=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&async=1&fmt=3&is_vtc=1&random=2038531395&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 141 B
444 B 126ms
126ms XHR
text/plain 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=uSyobPfzhDJe2LRnhI_IVA&is_js=true&landing_url=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&t=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&tip=Ky6Uva8dXK0rKyTMOwfZBV9Gz9pMGzd52zeVb5husVI&host=https://www.mcafee.com&sa_conv_data_css_value=%20%220-d862d143-92e5-4d44-4600-fc37cc0d14f0%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd96cef3b33ef50485a4ad3a9a72ad271d2d9409744&sa-user-id-v2=s%253A0-d862d143-92e5-4d44-4600-fc37cc0d14f0%2524ip%2524217.64.151.68.M96bOqVhByxQjhPwIuppowN6OO3N3VDhDlMJ%252BLRp4FA&sa-user-id=s%253A0-d862d143-92e5-4d44-4600-fc37cc0d14f0.sa%252FZHlMAFWL5lnxgas081%252Fs1RK7gkPa%252FwoPnH1kqeg8
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: 597b7ac8d3516dea5bcb9a2820cb005616de5ccfdc990d09fed05472e9b763b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 15:03:40 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.mcafee.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 141

GET
H2 200 RC4fa51485b5894d1cb92974356ae0fc00-source.min.js Show response
assets.adobedtm.com/97913309b792/00f161500c52/07eb4e49d341/ 828 B
708 B 69ms
69ms Script
application/x-javascript 2a02:26f0:3500:592::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/97913309b792/00f161500c52/07eb4e49d341/RC4fa51485b5894d1cb92974356ae0fc00-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e02c6dc391e7e999f146bc443a116e1f35609f4faecbafedd55aaa3a0c7f234d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:41 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 21:15:51 GMT
server: AkamaiNetStorage
etag: "ab1faf76266ac8bdf276f0bda62d7148:1648761351.579427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mcafee.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 443
expires: Mon, 10 Oct 2022 16:03:41 GMT

GET
H/1.1 200
OK mcafee-consumer-button-1944989b2cb625c962c6ef510fb08a96.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 6084 3 KB
3 KB 74ms
17ms Image
image/png 13.225.84.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/mcafee-consumer-button-1944989b2cb625c962c6ef510fb08a96.png
Requested by: Host: www.mcafee.com
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f12048dcefe9bc239ae8d17fc0977bb7a704c86d72fab2a17393a056a20bebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 02 Sep 2022 01:42:11 GMT
x-amz-version-id: e0DDjde5j886.zf5qCShAnB86PP.hmFt
Via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Oct 2021 16:35:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 3331291
ETag: "1944989b2cb625c962c6ef510fb08a96"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2675
X-Amz-Cf-Id: _NOXJZRw3CNvRgNIJbntQR1P_mOsWaSLrNXb-WeS_erQ6c6-mtxq_Q==

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame ABC4 0
98 B 66ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=75450410271991590300542121439103635641
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcafeeinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 15:03:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 s51142615772922 Show response
smetrics.mcafee.com/b/ss/mcafeeenterprise/10/JS-2.20.0-LBWB/ 491 B
801 B 137ms
137ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.mcafee.com/b/ss/mcafeeenterprise/10/JS-2.20.0-LBWB/s51142615772922?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F9%2F2022%2015%3A3%3A41%201%200&d.&nsid=0&jsonv=1&.d&sdid=608B0C46BC78A6C8-5DD88BD1A48DCDF0&mid=71722430509104214510917524073726512004&aamlh=6&ce=UTF-8&pageName=other-blogs%3Amcafee-labs%3Ameet-tox-ransomware-for-the-rest-of-us&g=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&cc=USD&ch=other-blogs&server=www.mcafee.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3DpageName&v1=D%3DpageName&c5=D%3Dv5&v5=other-blogs&c6=D%3Dv6&v6=mcafee-labs&c8=D%3Dv153&c16=McAfee%20Labs&c26=D%3Dg&v26=D%3Dg&c51=%7C&c52=May%2023%2C%202015&c56=D%3Dv159&c57=D%3Dv160&c58=D%3Dv161&c59=D%3Dv180&c60=New&c62=D%3Dr&c75=D%3Dv190&v98=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F106.0.5249.91%20Safari%2F537.36&v100=2.20.0&v153=www.mcafee.com&v154=us&v155=english&v166=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C403%7C&v180=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D10%20%7C%20day%3DMonday%20%7C%20time%3D8%3A03%20AM&v181=New&v184=D%3Dmid&v185=Direct%2FBookmarked&v187=na&v188=Meet%20%27Tox%27%3A%20Ransomware%20for%20the%20Rest%20of%20Us%20%7C%20McAfee%20Blog&v190=meet-tox-ransomware-for-the-rest-of-us&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A729776A5245B1590A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c3aeb9ce6b58880fb69b563bd368b24a038863195ba95323e2f8ba5156caa9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-aam-tid: eivACUtSQfI=
date: Mon, 10 Oct 2022 15:03:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 491
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v044-07a02cb5f.edge-irl1.demdex.com 7 ms
pragma: no-cache
last-modified: Tue, 11 Oct 2022 15:03:41 GMT
server: jag
etag: 3576449808262725632-4619733149392154141
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 09 Oct 2022 15:03:41 GMT

GET
H2 200 s56827377006288
smetrics.mcafee.com/b/ss/mcafeewwconsumermain/1/JS-2.9.0/ 43 B
242 B 163ms
163ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.mcafee.com/b/ss/mcafeewwconsumermain/1/JS-2.9.0/s56827377006288?AQB=1&ndh=1&pf=1&t=10%2F9%2F2022%2015%3A3%3A41%201%200&sdid=608B0C46BC78A6C8-5DD88BD1A48DCDF0&mid=71722430509104214510917524073726512004&aamlh=6&ce=UTF-8&ns=mcafeeconsumer&g=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&events=event120%2Cevent1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=%5Bconsumer%3Aweb%5D%7Cother-blogs%7Cmcafee-labs&v1=%5Bconsumer%3Aweb%5D%7Cother-blogs%7Cmcafee-labs&c5=%5Bconsumer%3Aweb%5Dother-blogs&v5=%5Bconsumer%3Aweb%5Dother-blogs&c6=%5Bconsumer%3Aweb%5Dmcafee-labs&v6=%5Bconsumer%3Aweb%5Dmcafee-labs&c7=Page%20Name-%5Bconsumer%3Aweb%5D%7Cother-blogs%7Cmcafee-labs&c8=www.mcafee.com&v8=new&c9=en-us&v9=en-us&v13=%3A&v14=direct&c15=consumer&v15=consumer&v20=na&v21=united%20states&v23=8%3A00AM&v24=Monday&c26=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&v26=https%3A%2F%2Fwww.mcafee.com%2Fblogs%2Fother-blogs%2Fmcafee-labs%2Fmeet-tox-ransomware-for-the-rest-of-us&c33=web&v33=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A729776A5245B1590A490D44%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mcafee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 15:03:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 15:03:41 GMT
server: jag
etag: 3576449808490299392-4619600228207542229
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 15:03:41 GMT

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mcafee.com/blogs/other-blogs/mcafee-labs	1969-12-31 23:59:59	Name: local-user-context Value: null
www.mcafee.com/blogs/other-blogs/mcafee-labs	1969-12-31 23:59:59	Name: dnbDetails Value: \|\|\|\|\|\|\|\|\|\|403\|
www.mcafee.com/	1970-01-20 16:12:54	Name: layer0_bucket Value: 22
www.mcafee.com/	1969-12-31 23:59:59	Name: layer0_destination Value: default
www.mcafee.com/	1969-12-31 23:59:59	Name: layer0_environment_id_info Value: dc145a1d-f642-432a-b56e-6ef448998cfa
.mcafee.com/	1970-01-20 08:46:30	Name: _fbp Value: fb.1.1665414219394.1718698263
.t.co/	1970-01-20 16:12:54	Name: muc_ads Value: a3eb30ee-d012-45a4-b31b-6860a07564a4
.twitter.com/	1970-01-20 16:12:54	Name: personalization_id Value: "v1_Z0358te/nHT4OvLjGBVrIg=="
.facebook.com/	1970-01-20 08:46:30	Name: fr Value: 0iOgStqtgfrulafTP..BjRDRL...1.0.BjRDRL.
.linkedin.com/	1970-01-20 07:20:06	Name: UserMatchHistory Value: AQKGVQW-CBtY4wAAAYPCbEbZJCjrZU8rKG-tMht2_-DNAhO2c2RvyWUP7KmAQBQPeIok3yZdoBWf4Q
.linkedin.com/	1970-01-20 07:20:06	Name: AnalyticsSyncHistory Value: AQLsnWgQR9s4GgAAAYPCbEbZcATW5FOR9qsdhUEbGu6TKGX0CVPCt-XMYxNe-ziBYFkln1iXTSaljsGMR93Yyw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:22:30	Name: bcookie Value: "v=2&517cfb9d-b571-4bb4-8c8e-671ca2916407"
.linkedin.com/	1970-01-20 06:38:20	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2421:u=1:x=1:i=1665414219:t=1665500619:v=2:sig=AQHEO1fwNcJKoulJf87cSM-bisycf147"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:22:30	Name: bscookie Value: "v=1&20221010150339522f23fd-0e05-4410-87be-8deb499d2c9cAQEXjN7kL6aPTBEbN-Qx-GnbrrhkCQP2"
.linkedin.com/	1970-01-20 10:56:06	Name: li_gc Value: MTswOzE2NjU0MTQyMTk7MjswMjFkZBO0+SElvxSxXQi/dEIg7sK48b3WyYjcGgjnOF9P5Q==
.doubleclick.net/	1970-01-20 15:58:30	Name: IDE Value: AHWqTUnsVFX0XXPnTe2E6Upz4hj9P3v7FuJxWbf6s3RML1cb58LAPGmRCIAJ2mqM
.techtarget.com/	1970-01-20 06:36:56	Name: __cf_bm Value: IfLLc7QDaV3sqi7eooceM2dpcz.Iy2fenZxjQUOqpyc-1665414219-0-AUpPbLqj8s6LJvT1PbtTtwU/H1mdZ/T3ECWn4vp2OtTCGomuADNhee8XWhvnHZ5IWa1bf8JSZMVd6bgJElGdkmk=
.mcafee.com/	1970-01-20 08:46:30	Name: _gcl_au Value: 1.1.1174185438.1665414220
.mcafee.com/	1970-01-20 16:12:54	Name: run_fs_for_user Value: false
.mcafee.com/	1970-01-20 15:22:30	Name: utag_main Value: v_id:0183c26c47a500204c7b07b9205c03073005b06b00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1665416019685$ses_id:1665414219685%3Bexp-session$vapi_domain:mcafee.com
www.mcafee.com/	1970-01-20 16:01:23	Name: qcSxc Value: 1665414219891
.quantserve.com/	1970-01-20 16:07:08	Name: mc Value: 6344344b-e4f13-aa84a-7ab97
.mcafee.com/	1970-01-20 16:01:23	Name: __qca Value: P0-1026004482-1665414219890
.demdex.net/	1970-01-20 10:56:06	Name: demdex Value: 75450410271991590300542121439103635641
.mcafee.com/	1970-01-20 16:12:54	Name: _ga Value: GA1.2.262455932.1665414220
.mcafee.com/	1970-01-20 06:38:20	Name: _gid Value: GA1.2.574775106.1665414220
.mcafee.com/	1970-01-20 06:36:54	Name: _gat_gtag_UA_35949610_14 Value: 1
.mcafee.com/	1969-12-31 23:59:59	Name: AMCVS_A729776A5245B1590A490D44%40AdobeOrg Value: 1
tags.srv.stackadapt.com/	1970-01-20 15:22:30	Name: sa-user-id Value: s%3A0-d862d143-92e5-4d44-4600-fc37cc0d14f0.sa%2FZHlMAFWL5lnxgas081%2Fs1RK7gkPa%2FwoPnH1kqeg8
.srv.stackadapt.com/	1970-01-20 15:22:30	Name: sa-user-id-v2 Value: s%3A2GLRQ5LlTURGAPw3zA0U8NlAl0Q.sKUC2E%2B9L%2F4tXZY2axWERPh2uQsxhgTN9Of5%2BaIurus
www.mcafee.com/	1970-01-20 15:22:30	Name: sa-user-id Value: s%253A0-d862d143-92e5-4d44-4600-fc37cc0d14f0.sa%252FZHlMAFWL5lnxgas081%252Fs1RK7gkPa%252FwoPnH1kqeg8
www.mcafee.com/	1970-01-20 15:22:30	Name: sa-user-id-v2 Value: s%253A0-d862d143-92e5-4d44-4600-fc37cc0d14f0%2524ip%2524217.64.151.68.M96bOqVhByxQjhPwIuppowN6OO3N3VDhDlMJ%252BLRp4FA
.everesttech.net/	1970-01-20 15:22:30	Name: everest_g_v2 Value: g_surferid~Y0Q0TAAAAEdp0wOY
.dpm.demdex.net/	1970-01-20 10:56:06	Name: dpm Value: 75450410271991590300542121439103635641
www.mcafee.com/	1969-12-31 23:59:59	Name: usbls Value: 1
.demdex.net/	1970-01-20 10:56:06	Name: dextp Value: 60-1-1665414221115
.mcafee.com/	1970-01-20 16:12:54	Name: s_ecid Value: MCMID%7C71722430509104214510917524073726512004
.mcafee.com/	1970-01-20 06:36:56	Name: s_gpv Value: %5Bconsumer%3Aweb%5D%7Cother-blogs%7Cmcafee-labs
.mcafee.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.mcafee.com/	1970-01-20 15:22:30	Name: s_nr Value: 1665414221757-New
.mcafee.com/	1970-01-20 06:36:56	Name: gpv Value: other-blogs%3Amcafee-labs%3Ameet-tox-ransomware-for-the-rest-of-us
.mcafee.com/	1969-12-31 23:59:59	Name: tp Value: 10462
.mcafee.com/	1969-12-31 23:59:59	Name: s_ppv Value: other-blogs%253Amcafee-labs%253Ameet-tox-ransomware-for-the-rest-of-us%2C11%2C11%2C1200
.mcafee.com/	1970-01-20 16:12:54	Name: AMCV_A729776A5245B1590A490D44%40AdobeOrg Value: -408604571%7CMCIDTS%7C19276%7CMCMID%7C71722430509104214510917524073726512004%7CMCAAMLH-1666019020%7C6%7CMCAAMB-1666019020%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665421421s%7CNONE%7CMCSYNCSOP%7C411-19283%7CMCAID%7CNONE%7CvVersion%7C4.6.0
.mcafee.com/	1970-01-20 07:20:06	Name: Target_Test Value: seg%3D13216020%2C13216019%2C13216018%2C13216017%2C13306012%2C13306015%2C13306029%2C13306030%2C13306033%2C13306034%2C13306035%2C13306037%2C13306040
.mcafee.com/	1970-01-20 09:00:54	Name: aam_uuid Value: 75450410271991590300542121439103635641

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us(Line 1713) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googleadservices.com/pagead/conversion.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us(Line 1713) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googleadservices.com/pagead/conversion.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googleadservices.com/pagead/conversion.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/launch-ENc117a6a508e14a879398dd6f37ed54a3.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googleadservices.com/pagead/conversion.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=75450410271991590300542121439103635641 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
analytics.twitter.com
api2932.d41.co
apt.techtarget.com
assets.adobedtm.com
blogs.mcafee.com
cdn-0.d41.co
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
cu1pehnsweb01.servicebus.windows.net
d6tizftlrpuof.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
jelly.mdhv.io
mcafeeinc.demdex.net
pixel.quantserve.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.qccerttest.com
rules.quantcount.com
secure.quantserve.com
smetrics.mcafee.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
tags.tiqcdn.com
trk.techtarget.com
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mcafee.com
104.208.16.0
104.244.42.133
104.244.42.3
104.75.88.194
13.107.42.14
13.225.78.88
13.225.84.53
13.36.218.177
142.250.185.102
142.250.185.98
161.69.25.99
199.232.136.157
206.19.49.24
216.239.32.21
2600:9000:20eb:a400:11:615:7240:93a1
2600:9000:20eb:f600:6:44e3:f8c0:93a1
2606:4700:10::ac43:2794
2606:4700:4400::ac40:91d9
2606:4700::6810:5914
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9c
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:592::1e80
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.251.26.3
34.254.43.202
35.244.174.68
52.201.98.245
52.30.136.248
52.30.140.233
52.44.206.121
64.12.16.2
003c5212fe084a97fd7fd753297fe409de81f1be36fa96caced384c844d3d361
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
03cb83fe07a916614f3ce8b33a1727c9b0ae141e1fefbcdc33cd322703e21c84
0c5d12f7f623ddaea002928a5e8aa1126cccf4cb80b58a4ed180d675a339efcc
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d66fa6c68f151d974336b6ba4fbc234568f3c3fd9e17f23310f78ff9d983bd7
0f12048dcefe9bc239ae8d17fc0977bb7a704c86d72fab2a17393a056a20bebd
1724f1a24cc337143ebe4f6226df6bce313fa1f2e9bc2ab1199e033c5d109e5c
1bbde8adcf9baf1fdc811129d4d9c05e320bc8245cb1aaacca904404b8881dc5
2170edf920df8db1736b378cacb7cbbb19d9693f32a60348d31e285ab9744591
218d05d13fe4ec02c43381f56d55867da02dbb5ed32c417c2584a44fbbfc8c2a
225653df4e8975065b86c8906429d60e04cedd47d629b96778073ce06b17636c
23df0fa91ea2aeca2b1db40ad0dec5d84e9b91787e2a4fd3ec27aa2354e9a6d7
2433290762f14878390667a857add6770254f0ce19676e8d790eeddfe16b082f
2458c6e69ec960015408bcff5b6e3c679da9a9e7cb3149cc810ef75158c0acf1
24937d7140dbec8f50327bcb6e1cd2c815ddb0b4831ab59b8253ea6838aa8a5e
25bae9a3f1178f66a119d0fa96d7783c031c94b8aefbf27dcaba58ccb8eedf4d
25ee50380a78316f90371f2836a861dd57be75f2fa6ad98f562694adfdd0901c
27dc4635c254b8aa1eacc62b7819be57d827b663d41793078443ae7531d17f32
2b2584c0ca6ddbc47c0aa30d55c12aaab9230b50780e82e20a6bdfede185a6ee
2c89216f71c61ef90798e0ca2055716b1ca1b22cbb30b2e8984050ae06acc778
2d94147f908f660d451621484e774388b2b9e3a01592bfafe9c1a6b7f15aa95a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8af6374a001a941e7eea578da32e139e8c9a659ffab78acd97fa160876efee
30d43129b574f4fac7b014c9d2bfa306278e2898863420c5570b7a55610257e8
336c8868b433ea4d6f95e9a19220cc4b04ecbd4d970da47a0f04ad3b2bd78373
33f4cfce31eb8bdf380d7ab022c7f25fe8bac13f3a4607eac724d75fa74a65e2
36925e7859abeeb8681d694d702e00b1fbba6f37ac49b11e8f863ed24507ca6a
399be28131d1a20656566d51786ebbd615d989571a619d09b1c7269d47b662e3
3a6449f039c57f1f5fab1b5dd75c1fc0db4266cb4e5f113a5435eba470a1237b
3f1594b4a09de7b05aba88a7e26812cd1f4e178604947531bf76f9d863cbb4c2
3fc414a0ae1021464164ee20393fbd17ab0046edf8be7aeec6e186a5f986cea7
414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
42d305b1bb8127c61d5f9ba48f1cceeae017697e7bd476fab1d7444de102d423
44a6addb012e85ee247ae07452582489aaa2a0054e45b0810a95108c68f744a5
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
49bb1710089118878b85269bc29493940781332955c32b2714f94aaf664dc818
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50c8022116d8105e7c9af1cb08f1e21c26f3f8516875bba1013fe4cbdd166a8d
52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
57bd7ccf2632d76d484d7c9f1aca765eb5485b0cd68d3c9612b6a7703ae3522d
597b7ac8d3516dea5bcb9a2820cb005616de5ccfdc990d09fed05472e9b763b2
5a5ca36882d71fe5b91eabe8e1c1f2ff0fe90eb0a578352fe171a04cb40c29a8
5b1d8b5ad13993a15df60c3abb8a2acb31414e12bfccff142fbb1e2c9303f910
5d4ac009da7f99e32023b5d21c87939275d1561bf80e4737aa5d61beba675f29
62966fff4ca3257242f7a077450e0ad75d6ae00ee40dad9735a591365b0c7f27
656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1
678e4443e87259063b8fd75aadfe00332e64993b3829693fd69f6b190321042f
67b627b9d8b3bcd88516b64398532e4303657c479beec058b26646250fe9791c
6d4d659f4b34d65df2bfac351dda22f2a050352cbebf8f5df3fcb109018f945e
6d65cfd62add018801e59bf150cd33c09604cb967733095825892ae73266be8d
7158a94519124e54e74cd6b5cc8dec8b51c1678d9855856ada2b4aed4a2c3ad2
71d42e52ca35bfa15765b9b71e93054a357efb81f54b0bd578285acaeee52c1f
730c8c0f3f86dec1e28bd37626f502f289bf3a6187a977d93783f8ef81196824
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
74e8e82b9965ea90fc0b6ca79e6bf466f9eecc9e14ce9b51d43e6ce5a066feb3
75b43df6930d03341e76a75dcd100473926121ac0e707825a0e73e5666d7ff97
7691897963f000d5bce82a792d3892ca5ad1f6e2fc99d6e574bef28705b89dec
76e492344b7da6c17b6cfb90fd603bce68e20de9f1d2751d93eef85ee0137d74
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7908ab4142618119b4b0251af1eae1c2f647cd5df56bafd53616f6d5a0a8f4b8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a4f6545c815c9e3b697e47de1e576108af1674f30335d4b89af9bb0c8153a04
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c48971a72486c60216251e89061d7c2b8b03fa57551e0a6be0b7f0f9ab6254c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f220e2dc4fd32bcb6097a7d0990c19966d769f3c2483a513ad3b6f9d3742d9b
82c52b937868d2d0afb2abccadf9b697f20c73c3c30ad9204dad4884878a7f0c
8474952f856a73d936c67fc73c4b330547430caec755cab2ee773a626ec03988
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f9a306434e8ed7d91e8ee0ee03ca08c58d61b4d41511b51d6e8ee243a3f2ba
8b845f8e3fcdf6544e5c03d9e3313ff15a736342aaf3ae1aad18a84ee290333d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
963593d09bdf08f5209b30d3dea02ad057e1b855c2fcfadcbd0a9b20d4b515f8
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
9da2750af4886578418ae46988324591e00ddc2e34749dd929d54fe7d1f78352
9dee9f7724ca98ec632aadeee67d695806122f2ceae9b874dbc47f4535345ce9
9f5a72ce12e3919467065700621f04a38ee421e307261fb75ba1f71355f01c05
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a6db9b9217f47a33b3e2cecfff64756760b85311e2382d782b62235524047957
a8e9740b247c9eda5f786d8bbfb93c336bb6d1848ac9e80ffc65cf38f37454bd
a982c540f8f384f11cce36732cc23b9f3e9bf9dbee0c854c663f99b27f035969
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afca21f08d9897df9297beb699529b4a5e361fdb2e3ab514cbaea7c0f92d1e7b
b08faf373c3f1c8247d01a6ac23353ae7a36a7bbf40d7591814920c11196bedf
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5ef1c00425aca5499c3fa6e3ae78cecaa4682508e587b952780fccc7e8a2475
b63f011bf81f6548e73fe3c4f2edf35d97ca29054a35969373953a4ba382d782
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b7f2b6d7c3510789980ed6b0ee7741dc21ffed3a13a2ba7bb4566b569a49c598
b8fb2dd6e45d7c477685ee1cbd387132ef477afe22590abf8019b6d7478722d9
b964f75cb8c613e484743bf4daaac6efc65c74156fca95cd76ca15d742555d1d
c3aeb9ce6b58880fb69b563bd368b24a038863195ba95323e2f8ba5156caa9fe
c47380f71c3bdb3ebf92f494d7a6b8c1525f1ce8331fdb50398c22f59eea3936
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c589952098842e06f3b169d1c5439e1908b241b55644f81cb5a8d9e0e4f0b49e
c5a1a793d0070444a8219d1f5e652d54f9915bc2cacee7cddff002054b020e74
c6095a580b92df14dd13b642752146e45a89e10fd0673a1986be8deda0e23b8a
c64a0dd00d685de6eb7d2053110e20e2515ec436f262e5d36896a03b390f917a
c85b89d6b7d92272f7fb5946e61282a75b946883176c9ff73eac557dde75c724
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
cc2a9ed4988e65c35ca3723e7b6941441eb3cdffb9c054fd02827e794470675f
cc698829ada2c532110e2d8ceebb401c2938a1559500b5e7660e784d04dc9f10
cce031204e7dbe0400e16e76e68fd3c571b8c750eff6e4fcbd5e55f68534c442
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d051f3c16ae61275a06cdf30938b3492e1bc6d89b9e7d67e2d175cec4e44df8a
d3704d9797dce227e5032123ba2c7744319bf51460b1f5a54e21ec3d9952004e
d585297c70c75e9cc83fa3f363b5e833b645c3fc25f858765aeec296d4d4dac1
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d878c25499f6df68615bca8b85c8ea900050d40fcc1453c4facf0bdf133aaec8
d9d2ee43226d548a07aa97187eec754b899087dc58c1bb601f2ea6dd4151ed53
dc043f2a44778d31ee700ab78a3805cfb4756f91fa34ef29919541488c9de674
dd0f5b1254d79cce10a7cb18c74a7b5f85d8943374e7412d6f261b9bc246f880
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e02c6dc391e7e999f146bc443a116e1f35609f4faecbafedd55aaa3a0c7f234d
e1e5bc8d022de6eb901d993242b63168860635b238b3f255b39fb83a549b81ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d47d41ed2bfca38c08c546c985599e8bee738a54d3e680d38b58e9f737e520
ea2fcfa550c8e004fc94f03166e8d8da9a87e9770b21a30146af7f7297735407
ecbe58caee3c292d5c67f784fed30b772fc615c2a7bf5cd1b2ba6954807e695b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
f3beb2f356d5477f807eeac0e53e226b34636732156725fe120779fa2fcca997
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7ce9895e293e7cf1beb52a5f10f4287ece491cfae2bd35f9017cae18d9177ac
f7e248392cea6eed6651423f5b9a4adafec5b15921a2f16ec54e1012be0aaee5
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa251403ac153674157ed78351b757b362f9e0be8f6c5d595962b9033e488d48
fb672f1c8b08afd23ab4e6a0e80333fc6192cbcb81df02c8213ee0d0f6a5af0f
fbf8bdaf628a1b8270b0cb16c7d6fde31e6caa75b42e74ac78ce5d4f29003a3d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff4f1d3b83b386fe368a36112d66e193f81a07d24e2d4f98312fcfb53360d5e0

www.mcafee.com Open in urlscan Pro 64.12.16.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

98 %HTTPS

49 %IPv6

34 Domains

45 Subdomains

39 IPs

5 Countries

2911 kBTransfer

6309 kBSize

48 Cookies

30 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mcafee.com Open in urlscan Pro
64.12.16.2 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

98 %
HTTPS

49 %
IPv6

34
Domains

45
Subdomains

39
IPs

5
Countries

2911 kB
Transfer

6309 kB
Size

48
Cookies

197 HTTP transactions
0 data transactions