www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medi...
Submission: On October 08 via api (October 8th 2020, 1:32:14 am UTC) from SG

Summary HTTP 242 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 242 HTTP transactions. The main IP is 50.56.167.254, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.bankinfosecurity.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 16th 2020. Valid for: a year.

This is the only time www.bankinfosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
80	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	104.130.251.6 104.130.251.6	33070 (RMH-14) (RMH-14)
18	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1 6	54.77.58.217 54.77.58.217	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:2b0... 2a02:26f0:2b00:79b::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.20.4.43 104.20.4.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.245.163 99.86.245.163	16509 (AMAZON-02) (AMAZON-02)
3	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
16	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	34.202.64.133 34.202.64.133	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.50.67.81 52.50.67.81	16509 (AMAZON-02) (AMAZON-02)
2 2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	34.246.29.23 34.246.29.23	16509 (AMAZON-02) (AMAZON-02)
2 2	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
1 2	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1 4	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
242	39

31 50.56.167.254 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.bankinfosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2.18.233.88 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.130.251.6 (San Antonio, United States)

ASN33070 (RMH-14, US)

worker.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.77.58.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2b00:79b::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.20.4.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vue.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.163 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-163.vie50.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

051-zxi-237.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.64.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-64-133.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.67.81 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-67-81.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.29.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-29-23.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.248.240 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.178.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.25 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	9 MB
32	googlesyndication.com 139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	640 KB
31	bankinfosecurity.com www.bankinfosecurity.com	462 KB
17	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	120 KB
9	googletagservices.com www.googletagservices.com	243 KB
7	ml314.com 1 redirects ml314.com in.ml314.com	16 KB
6	google.com adservice.google.com www.google.com	890 B
5	comm100.com chatserver.comm100.com vue.comm100.com chatserver3.comm100.com	249 KB
5	gstatic.com fonts.gstatic.com	46 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	twitter.com platform.twitter.com	31 KB
3	sitescout.com pixel.sitescout.com	458 B
3	disquscdn.com c.disquscdn.com	223 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	twimg.com pbs.twimg.com	6 KB
3	disqus.com bankinfosecurity.disqus.com disqus.com	30 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	basis.net 1 redirects cdn01.basis.net pixel-a.basis.net	1 KB
2	eyeota.net 1 redirects ps.eyeota.net	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1007 B
2	adsrvr.org 2 redirects match.adsrvr.org	931 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	802 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	mktoresp.com 051-zxi-237.mktoresp.com	622 B
2	googletagmanager.com www.googletagmanager.com	71 KB
2	marketo.net munchkin.marketo.net	7 KB
1	google.de adservice.google.de	890 B
1	crazyegg.com script.crazyegg.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	addthisedge.com v1.addthisedge.com	325 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	821 B
1	bizographics.com sjs.bizographics.com	761 B
1	moatads.com z.moatads.com	1 KB
1	ismgcorp.com worker.ismgcorp.com	405 B
1	googleapis.com fonts.googleapis.com	1 KB
242	35

	Domain	Requested by
31	www.bankinfosecurity.com	www.bankinfosecurity.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
20	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bankinfosecurity.com
14	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
13	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
10	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
9	www.googletagservices.com	www.bankinfosecurity.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
6	ml314.com	1 redirects www.bankinfosecurity.com ml314.com
6	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
5	www.google.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.bankinfosecurity.com www.google-analytics.com
4	platform.twitter.com	www.bankinfosecurity.com platform.twitter.com
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
3	pixel.sitescout.com	www.bankinfosecurity.com
3	chatserver3.comm100.com	vue.comm100.com
3	c.disquscdn.com	bankinfosecurity.disqus.com
3	pbs.twimg.com	www.bankinfosecurity.com
3	dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
2	disqus.com	bankinfosecurity.disqus.com
2	ps.eyeota.net	1 redirects www.bankinfosecurity.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.bankinfosecurity.com
2	051-zxi-237.mktoresp.com	munchkin.marketo.net
2	px.ads.linkedin.com	1 redirects www.bankinfosecurity.com
2	www.googletagmanager.com	www.bankinfosecurity.com
2	munchkin.marketo.net	www.bankinfosecurity.com munchkin.marketo.net
2	f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
2	s7.addthis.com	www.bankinfosecurity.com s7.addthis.com
1	pixel-a.basis.net	1 redirects
1	cdn01.basis.net	www.googletagmanager.com
1	139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	vue.comm100.com	chatserver.comm100.com
1	script.crazyegg.com	dnn506yrbagrg.cloudfront.net
1	in.ml314.com	ml314.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	snap.licdn.com	sjs.bizographics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	dnn506yrbagrg.cloudfront.net	www.bankinfosecurity.com
1	chatserver.comm100.com	www.bankinfosecurity.com
1	sjs.bizographics.com	www.bankinfosecurity.com
1	bankinfosecurity.disqus.com	www.bankinfosecurity.com
1	z.moatads.com	s7.addthis.com
1	worker.ismgcorp.com	www.bankinfosecurity.com
1	fonts.googleapis.com	www.bankinfosecurity.com
242	55

This site contains links to these domains. Also see Links.

Domain
www.cuinfosecurity.com
www.govinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.com
www.careersinfosecurity.com
www.databreachtoday.com
www.devicesecurity.io
www.fraudtoday.io
www.paymentsecurity.io
www.bankinfosecurity.co.uk
www.bankinfosecurity.eu
www.bankinfosecurity.in
www.bankinfosecurity.asia
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
covid19.inforisktoday.com
www.facebook.com
twitter.com
www.linkedin.com
events.ismg.io
www.twitter.com
www.coveware.com
www.nomoreransom.org
www.kpn.com
www.bleepingcomputer.com
t.co
www.databreachtoday.asia
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
ismg.io Go Daddy Secure Certificate Authority - G2	`2020-04-16` - `2021-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
worker.ismgcorp.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2022-03-28`	2 years	crt.sh
*.comm100.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2022-04-15`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
cdn01.basis.net Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2021-06-12`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 16 frames:

Primary Page: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Frame ID: A22F87853195127589F5A3A1C2255CD9
Requests: 173 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1B987AAF763113F9DDFD300D4DA36E57
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 29B710CE315525236BBA0B6C6746FE62
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.bankinfosecurity.com
Frame ID: CDA10ACD826B23BD4D56897D096FECE8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1216351931020476417&lang=en&origin=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: F984FD5D9CC9F45E1B4DBF89E6177207
Requests: 1 HTTP requests in this frame

Frame: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Frame ID: 63733E3BF8811140851C3C2CDC9EB08B
Requests: 4 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&t_d=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&t_t=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&s_o=default
Frame ID: 162882122F91C3A4C455DE691F28B63D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhcNocaVCeDK2CAHp94Jn7TE3sq3r8bUI0pCuFz9Y8jSlhMUHQxN0qU00ikK61Y13lABicDkqyV4_ZTvnJ1suvIZPNOyhHWZXKKNN0z3qWM0FZPpj1vkOaP9Ub__p8OvJux0slvIOynZQqo1gVM7OPZWRRwxHnxeT96a51B14DxxZzVrInFscAuPLpGmqoSqCD_t3hH0biA7Q-LeYgBTrICFmpzxoRNcOoIWs4UdQlpnR3jY6kAsewOMLPLsyA6uoFLdRT8PMhpsEuKt1IhJQ&sai=AMfl-YQTUrFVx2Zc8xmPfaxrsYtbapmQvYPm-sHAUi89MDvmLBGTQaUZr816MvN-au2mrFYbigFZsVW0kYvmz3rdU5vqMsR6sexs5RsIwfTprVSMEHEM9C78EwIWRMHhi4g&sig=Cg0ArKJSzJ07fuO7236WEAE&adurl=
Frame ID: 9DC91D655F23DBA4A003F669D65B74AB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEI1QN9I1zWLQ3nLKIuKv8kzLDIV_1OCCyt_aUViuNisDtCy-Gy2RpxuChxHDnTGe7jX0Gd6dySLmB2RdXUH3yrOuc8aXZQFRih63ul0qxMR04DosqTovYE70CZ_oqsxmEOGt5hXJuw3f3Fvs8x9buGxfmQM_4qhVC_NkA9jiHcZO11yFIFoQJ4BVua5ymD3F2bMCVW1RGJWOR3G6VyJqmA9-ExweewA96a2BWbOuE6zr_x3dLFMOOYOTgdrCmTbY559UeJzt5FfYfsPZM5_ijFd3j&sai=AMfl-YRIkk9QP3dpAI8u_XpLuIzeYqsfe9CmpKequtT4DZFFD1n9Fx6BhDeowBRX3hzZHk3ILvQXKBvwCyIqyXStRLayoOu1hF7ul2D6WStkUv5WPfFByKzYuplRIX1Zu5o&sig=Cg0ArKJSzKiNuEA86IucEAE&adurl=
Frame ID: 80A0B982839A7C1E2499B028BCED99DF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP5eLIyX_h8a28FtTivogp0kq8PTnjtepDnT_QitbGRQOQFWtCrd4n6Fio7QES4XxPNhLK9SEkDXahJ7YIJkN2PKZH3sjf9RpvpFUPlPjBatUQ3nsNPdJMzbdKkpM9rll9ay5PorQa8eVqZL5BiW5YF5NWolA9X_8Pni390JQvH19bET2Byhp41HeiAybqMz5dTG5a1lm2p23eQlUjsxNMV6tgZHOJRBN4bE087Goqn6q0UFuh852vbp378CxFZHzz7tD7MjGnhXxsI99YAjK98JYw0dg&sai=AMfl-YRrqUrD9We6QL4s9IbpkvHtyMSE4W6kVE4yUfRmIx_ei7Ojr8pZ6MTJCNy3YMnPXZNshAuKoENqRCMYQSxlwP-nJZyXITege-FMR3ddsq2ZGD_wM3kqRFS5daA-69A&sig=Cg0ArKJSzLYnaPwYQAwfEAE&adurl=
Frame ID: 22C30339277AF47830E61E2D46DB7B2B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRv0XokEcJPeGlngVaN0vG1C06ycca8jcpk-c5Nab_1ryWlzWkZvd3P-BQjafGRSMFEXhhkl_4yNZd-6DmkT-aPbqjTBOrQ3gcqitY1wvn_KnupDI9wMjGNdq7cjChavqfFsaFHf98MgmvfBgbrh2YgV46dqzq_L0BnaXysp4yzjXTuR6lzs5QWGfrbNWrKhjoeiLUrG3PbL2fUpZMI1i6KyS3x5fA2Qc36I6cLcO2TwTU24LFafYMFBp9TWjdbRZycF_gWEC6GElVkQX8UXI45ggE&sai=AMfl-YQjSOd4NZiklR3YYn9g-nmA1aXZ7ZOlYdQMLekkPH1F-k7WSzQmEl7pYQsa12d4YTQF_ADbF0QhCzZyW9pBDN9WXhs_aumax41wjcYfCPyjrWynPH0seTHQoC_5-HQ&sig=Cg0ArKJSzG76zRF_fiTyEAE&adurl=
Frame ID: BD6DF33E7EC121CFAD2CC524D1DF849E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIc_aS4TSg4qQ6m7925MVv3R8WMZz40CyvG2So3dyNr3qQg0qdzd_rNnS3X7nTeXcNwQd1u7Aguc4sxnLp6ydTc6siR7lmYM26mhl2iiv8y7nQjHEeO5hOQvV1Y-WILtsrZ48NAKp4R9BUegwM-PGM_8ZHPWfPiI1B5OoDCrGqBtUDnSx_Nu7yIqBAsfF5rQZXeAUBDgJqRhPNHWcKyiFcPEbu3XGfj2bIjpG1y7LPqqxRjtouUxY1fl1sVqkvtCm4LFxe0_bhHET7g-IPBmIdNvo&sai=AMfl-YQtzuMpD01vQQdjSGiMnzOrBJzuEp6bNTq_N4u58SPI_bsl5ov6myqf9U8W5rcMpLbK7fz_N01_7VtMrWV4TvePg3N3x28HeVpEZf84BDMbZjYfG-k2ccvBhjQPsAg&sig=Cg0ArKJSzGdS_nFJ4lMNEAE&adurl=
Frame ID: BBC6AB61D8062A23F17266888FB9458A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuWTFc5xiFrREPHGFvmHonVfMmFP-IpA1ZSTFxIzm3fH5uNwKBdjNVegMWKpM15K_TqadHOk6NQhracknuIISue9lZRwSFRUkkg-lZENczEex1fQQwt9nGGZqQTZI-0xf_mB4cTvnCJ0wGvFW274ZPitt4d6klDxHam8Z4qpkrTIZzRlO5HafKXh9UipaBQ9UPbz2R202kxmsGf6ODeEZGMR-OSeECkhzMkvCDcSvwlCRlaIaLcowZnbItB66cLpqcuJIZIJxNTpLEVlpZgXLM5A&sai=AMfl-YSpF41Pt2DgfKjOuGfoWyp-N_EzRIvwCef9CFVLIDFqzvfH5nMhoofEWnKEhXJHTEFo6URdkJ73RYmnOX2SuBlQI47O3h_4tk-Wz8hphflN2yaoDV53wP4jytE-EEc&sig=Cg0ArKJSzJCfSImkBFzrEAE&adurl=
Frame ID: 203C9E0631A0EBC971A583B7FA5B3C02
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-VE1yEUbTVFmnu72roDA1xTMpAUd_4zgTuLtBOPMO09VuPcBNXnZoNT-AaoOOHN7cajbFu0N1_g2ymKsUY0IrucCtayfzMlBv2TmfzEvJ12V6X4jBQVUE2fG8c5t3hpdQmTDAf7oS9q-tUzc8gaWwfxmxmh1eb-p5IVR8EignkogIKRqLocbJNzUWZ5wiGmi7CeU4crUDxzcuiD21Z3wxheCnjjOryl27k5VELZHA4Bz9T-gToy3EpMaESMpRqUJUseVk5YxsIhFCZkY&sai=AMfl-YSRVkzCgJcWQskoVQzdG3ef75QyWTV5GpBD8Q8MXdRIxdrkDythQR61fCuadbG5ailsOM9GqGAWtU6imnewxkWevy4Lp-_LkYM7dyUJEA8yxg14GCYgi6Qwypov-g4&sig=Cg0ArKJSzCThldfIQx7wEAE&adurl=
Frame ID: C2580D3D7FB9E75D0CF1E99E6AAB617D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 8B6129A3ADCA48A04E8AF4D749F0551F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0D6239DF98EC3932787DDB7FFEEA9A44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

242
Requests

96 %
HTTPS

50 %
IPv6

35
Domains

55
Subdomains

39
IPs

8
Countries

11072 kB
Transfer

18041 kB
Size

13
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.govinfosecurity.com/
Title: GovInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.com/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: https://www.devicesecurity.io/
Title: DeviceSecurity

Search URL Search Domain Scan URL

URL: https://www.fraudtoday.io/
Title: FraudToday

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/
Title: PaymentSecurity

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/
Title: Asia

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://covid19.inforisktoday.com/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/mobile-wallets-emerging-fraud-w-1074

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/mobile-payments-byod-vulnerabilities-threats-remedies-w-852

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/emerging-payment-channels-technologies-infrastructures-ensuring-robust-w-826

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/visa-on-future-payment-card-security-w-746

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/webinars/rise-cryptocurrency-malware-w-1780

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bankinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/BnkInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-security-media-group-corp-ismg/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-chicago-il-2020/?rf=trending
Title: Virtual Cybersecurity & Fraud Summit Chicago - Oct. 13

Search URL Search Domain Scan URL

URL: https://www.twitter.com/euroinfosec
Title: euroinfosec

Search URL Search Domain Scan URL

URL: https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate
Title: Coveware says

Search URL Search Domain Scan URL

URL: https://www.nomoreransom.org/
Title: No More Ransom

Search URL Search Domain Scan URL

URL: https://www.kpn.com/security-blogs/Tracking-REvil.htm
Title: KPN's security team

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/ryuk-ransomware-uses-wake-on-lan-to-encrypt-offline-devices/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://twitter.com/VK_Intel/status/1216351931020476417
Title: Vitali Kremez

Search URL Search Domain Scan URL

URL: https://twitter.com/euroinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/cybersec_feeds
Title: cybersec_feeds

Search URL Search Domain Scan URL

URL: http://twitter.com/jamesvgingerich
Title: @jamesvgingerich

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23CyberSecurity
Title: #CyberSecurity

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313999483454320640
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23COVID
Title: #COVID

Search URL Search Domain Scan URL

URL: https://t.co/oUHtur7KvP
Title: https://t.co/oUHtur7KvP

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313995251456057345
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/Hypori_VM
Title: @Hypori_VM

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313995124720967681
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/Seceon_Inc
Title: Seceon_Inc

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23aiSIEM
Title: #aiSIEM

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23aiXDR
Title: #aiXDR

Search URL Search Domain Scan URL

URL: https://t.co/tIg8cSHelc
Title: https://t.co/tIg8cSHelc

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313994409432805379
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/DataBreachToday
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23phishing
Title: #phishing

Search URL Search Domain Scan URL

URL: https://t.co/zlsV6kWVjN
Title: https://t.co/zlsV6kWVjN

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313994013532250112
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/operational-risk-management-governance-vp-bank-china-new-york-ny-new-york-i-1902350
Title: Operational Risk Management Governance VP - Bank of China - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-privacy-officer-vp-legal-gravy-analytics-sterling-va-sterling-i-1906694
Title: Chief Privacy Officer & VP Legal - Gravy Analytics - Sterling, VA

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/financial-queries-investigations-lead-analyst-vp-citi-tampa-fl-tampa-i-1900460
Title: Financial Queries & Investigations Lead Analyst, VP - Citi - Tampa, FL

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/mss-risk-controls-analyst-svp-citi-new-york-ny-new-york-i-1900449
Title: MSS Risk & Controls Analyst (SVP) - Citi - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/vp-digital-product-risk-compliance-peoples-united-bank-bridgeport-ct-i-1899607
Title: VP, Digital Product Risk and Compliance - People's United Bank - Bridgeport, CT

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-i-4777
Title:

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.asia/interviews/5-key-features-ransomware-mitigation-i-4767
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-are-darknet-markets-here-to-stay-i-4769
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/panel-discussion-securing-digital-payments-i-4778
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-chinese-database-exposure-cause-for-concern-i-4768
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/digital-identity-gaining-momentum-i-4776
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/achieving-scalable-ddos-protection-managed-services-i-4770
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-mcafees-planned-ipo-i-4775
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/compliance-2-new-health-data-regs-avoiding-pitfalls-i-4772
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/how-virtual-cards-could-mitigate-merchant-fraud-risk-i-4771
Title:

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%20Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602120716424%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%252Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%253Futm_campaign%253DEvent%2BPromotions%2526utm_medium%253Demail%2526_hsmi%253D96683910%2526_hsenc%253Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%2526utm_content%253D96683910%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true

Request Chain 152

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613665845468725263&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665845468725263&redir=

Request Chain 153

https://idsync.rlcdn.com/395886.gif?partner_uid=3613665845468725263 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzY2NTg0NTQ2ODcyNTI2MxAAGg0IjNj5-wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=22f46c9a4f8b5f771fbaf9359f9f1da9474a5f5761585ddc0974ef0105db1c62f4cb09cee1a4f8eb&person_id=3613665845468725263&eid=50082

Request Chain 154

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5afe7577-521d-4d74-943b-f7f44362a2cb HTTP 302
https://ml314.com/csync.ashx?fp=5afe7577-521d-4d74-943b-f7f44362a2cb&person_id=3613665845468725263&eid=53819

Request Chain 155

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665845468725263 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665845468725263 HTTP 302
https://ml314.com/csync.ashx?fp=857a3e788c7ab5af735696d8ea26bbb7&eid=50146&person_id=3613665845468725263

Request Chain 156

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

Request Chain 230

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7

242 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654 Show response
www.bankinfosecurity.com/ 377 KB
56 KB 769ms
276ms Document
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

28676947b76280b0cdfa4db3d6a2e4709230eb258b557dd9bb74c3018511a95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: www.bankinfosecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:53 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=2ferh50rmr12fvj2ucovu2v5e0; expires=Thu, 08-Oct-2020 05:31:53 GMT; Max-Age=14400; path=/ _advert=false; expires=Fri, 09-Oct-2020 01:31:53 GMT; Max-Age=86400; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-ui.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 25 KB
5 KB 312ms
163ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/jquery-ui.min.css?s=1602120713.9265

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.bankinfosecurity.com/css-responsive/vendor/ 11 KB
3 KB 474ms
161ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/mediaelementplayer-updated.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 18ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 23:55:51 GMT
server: ESF
date: Thu, 08 Oct 2020 01:31:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 01:31:54 GMT

GET
H/1.1 200
OK main.css
www.bankinfosecurity.com/css-responsive/ 231 KB
42 KB 493ms
170ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/main.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43006

GET
H/1.1 200
OK prettyPhoto.css
www.bankinfosecurity.com/css-responsive/ 21 KB
3 KB 497ms
166ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/prettyPhoto.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 8 KB
2 KB 497ms
166ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.desktop.r2.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 9 KB
2 KB 497ms
165ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.mobile.r2.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 22 KB
5 KB 520ms
182ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 91 KB
33 KB 639ms
166ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 33094

GET
H/1.1 404
Not Found modernizr.js
www.bankinfosecurity.com/javascripts-responsive/vendor/ 0
0 709ms
212ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 35 KB
9 KB 665ms
167ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/bootstrap.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 21 KB
7 KB 664ms
166ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 154 KB
38 KB 694ms
175ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 38476

GET
H/1.1 200
OK tinymce.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 295 KB
101 KB 807ms
170ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/tinymce.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 810ms
161ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 832ms
165ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.placeholder.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 222 KB
60 KB 843ms
175ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery-ui.min.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 9 KB
3 KB 972ms
162ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/crypt_des.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 147ms
49ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 08 Oct 2020 01:31:55 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H/1.1 200
OK headerlogo-bis.png
www.bankinfosecurity.com/images-responsive/logos/ 2 KB
2 KB 166ms
166ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logos/headerlogo-bis.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1682

GET
H/1.1 200
OK dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 344 KB
344 KB 181ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 07 Oct 2020 20:49:43 GMT
X-Trans-Id: txd540292ad05e41dcadfc0-005f7e2ee2dfw1
ETag: a0ef8abce71b7e37743b0ed4c6be2c3f
Content-Type: image/jpeg
X-Timestamp: 1602103782.12570
Cache-Control: public, max-age=70775
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 352306
Expires: Thu, 08 Oct 2020 21:11:30 GMT

GET
H/1.1 200
OK microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 97 KB
97 KB 181ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 07 Oct 2020 14:38:27 GMT
X-Trans-Id: tx4e068d5e2968491e90060-005f7dd6b1dfw1
ETag: 00dd6468a532309ebbc74ef2445f7f84
Content-Type: image/jpeg
X-Timestamp: 1602081506.06658
Cache-Control: public, max-age=48123
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98818
Expires: Thu, 08 Oct 2020 14:53:58 GMT

GET
H/1.1 200
OK heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 189 KB
189 KB 181ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 07 Oct 2020 02:59:39 GMT
X-Trans-Id: txa9ca44f75fca4338be81f-005f7dbdb9dfw1
ETag: f4908da9f07a230faa0e9b869ba6837f
Content-Type: image/jpeg
X-Timestamp: 1602039578.87072
Cache-Control: public, max-age=41662
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193390
Expires: Thu, 08 Oct 2020 13:06:17 GMT

GET
H/1.1 200
OK fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 175 KB
176 KB 193ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 07 Oct 2020 14:50:10 GMT
X-Trans-Id: tx55dcce0ffc7d470a9ef75-005f7dd9c2dfw1
ETag: 704189cfe73c7b6ffdec234718868073
Content-Type: image/jpeg
X-Timestamp: 1602082209.21098
Cache-Control: public, max-age=48968
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179403
Expires: Thu, 08 Oct 2020 15:08:03 GMT

GET
H/1.1 200
OK digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 88 KB
88 KB 182ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 05 Oct 2020 15:12:46 GMT
X-Trans-Id: txec3838cfa08841c88059f-005f7b3ec1dfw1
ETag: 00579821632cf1bfdf0b03665711cb2e
Content-Type: image/jpeg
X-Timestamp: 1601910765.81193
Cache-Control: public, max-age=35043
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89699
Expires: Thu, 08 Oct 2020 11:15:58 GMT

GET
H/1.1 200
OK analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 87 KB
88 KB 220ms
106ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 01 Oct 2020 15:39:32 GMT
X-Trans-Id: tx4cb54743ed364137b88bb-005f76e74fdfw1
ETag: 7cd51ce6ee5fc8a8bbf6eadf038faeb6
Content-Type: image/jpeg
X-Timestamp: 1601566771.40359
Cache-Control: public, max-age=66596
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89482
Expires: Thu, 08 Oct 2020 20:01:51 GMT

GET
H/1.1 200
OK how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 135 KB
136 KB 191ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 28 Sep 2020 11:16:49 GMT
X-Trans-Id: tx4299325e6d00429bae3b3-005f71f268dfw1
ETag: 59f4054e0f5eb557f35b43cb5c23f4da
Content-Type: image/jpeg
X-Timestamp: 1601291808.41505
Cache-Control: public, max-age=53718
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138381
Expires: Thu, 08 Oct 2020 16:27:13 GMT

GET
H/1.1 200
OK analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 99 KB
100 KB 191ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 24 Sep 2020 14:18:01 GMT
X-Trans-Id: tx6c2e1bd66ee84fc2a4f11-005f6dac41dfw1
ETag: 592cc1e056bf2756a05fc2435de1299f
Content-Type: image/jpeg
X-Timestamp: 1600957080.59637
Cache-Control: public, max-age=15224
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101694
Expires: Thu, 08 Oct 2020 05:45:39 GMT

GET
H/1.1 200
OK unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 103 KB
103 KB 176ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 02 Oct 2020 11:11:46 GMT
X-Trans-Id: txc05dbe2228044459b26f3-005f771a53dfw1
ETag: 6c6d226a2a0bd02eae6be7e2cd05f386
Content-Type: image/jpeg
X-Timestamp: 1601637105.84973
Cache-Control: public, max-age=85502
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105083
Expires: Fri, 09 Oct 2020 01:16:57 GMT

GET
H/1.1 200
OK does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 55 KB
56 KB 174ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 02 Oct 2020 14:51:51 GMT
X-Trans-Id: tx16d664eb5f2645bcb5f59-005f775d9adfw1
ETag: 0d6fe6ace891e98b18cd3ba3267e5631
Content-Type: image/jpeg
X-Timestamp: 1601650310.06619
Cache-Control: public, max-age=15844
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56676
Expires: Thu, 08 Oct 2020 05:55:59 GMT

GET
H/1.1 200
OK how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 181 KB
181 KB 192ms
86ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 25 Sep 2020 04:52:20 GMT
X-Trans-Id: txa105213ee56e48318e384-005f6ded52dfw1
ETag: c8071ae690780e25ca16788b46bbde47
Content-Type: image/jpeg
X-Timestamp: 1601009539.15592
Cache-Control: public, max-age=28185
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185039
Expires: Thu, 08 Oct 2020 09:21:40 GMT

GET
H/1.1 200
OK encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 74 KB
74 KB 189ms
85ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 25 Sep 2020 16:08:35 GMT
X-Trans-Id: tx8645d44c958041ef8f940-005f6e270bdfw1
ETag: ef6771654872051b61ce2794882f9976
Content-Type: image/jpeg
X-Timestamp: 1601050114.94117
Cache-Control: public, max-age=43921
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75593
Expires: Thu, 08 Oct 2020 13:43:56 GMT

GET
H/1.1 200
OK cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 38 KB
38 KB 51ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 06 Oct 2020 15:23:04 GMT
X-Trans-Id: tx4624e795a6fa42b38e744-005f7c9364dfw1
ETag: 3ac8b61fde3be4592d73fc8ce7929735
Content-Type: image/jpeg
X-Timestamp: 1601997783.65425
Cache-Control: public, max-age=43161
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38442
Expires: Thu, 08 Oct 2020 13:31:16 GMT

GET
H/1.1 200
OK avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 51 KB
51 KB 55ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 05 Oct 2020 14:49:06 GMT
X-Trans-Id: tx9f23da55c0864438a4fcd-005f7b419adfw1
ETag: fe41b41b1c77837430fc206978f50697
Content-Type: image/jpeg
X-Timestamp: 1601909345.39296
Cache-Control: public, max-age=35294
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51734
Expires: Thu, 08 Oct 2020 11:20:09 GMT

GET
H/1.1 200
OK dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 33 KB
33 KB 49ms
48ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 02 Oct 2020 13:01:34 GMT
X-Trans-Id: tx074114e89e3045b1be6b3-005f77276bdfw1
ETag: 78f770757e95ad18a7c6246cc7cee5e4
Content-Type: image/jpeg
X-Timestamp: 1601643693.99462
Cache-Control: public, max-age=79296
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33488
Expires: Thu, 08 Oct 2020 23:33:31 GMT

GET
H/1.1 200
OK profiles-in-leadership-nancy-hunter-ciso-fed-reserve-bank-philadelphia-showcase_image-5-a-15088.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 43 KB
43 KB 54ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/profiles-in-leadership-nancy-hunter-ciso-fed-reserve-bank-philadelphia-showcase_image-5-a-15088.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e23cd6ec036d05a916661b49f4ecd66267741eaca34726213635cad53239c067

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 30 Sep 2020 15:42:56 GMT
X-Trans-Id: tx4868b54aa09246239ed56-005f75d685dfw1
ETag: 857e3426a350df3e6d60a797cadcab5d
Content-Type: image/jpeg
X-Timestamp: 1601480575.48111
Cache-Control: public, max-age=76781
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43898
Expires: Thu, 08 Oct 2020 22:51:36 GMT

GET
H/1.1 200
OK fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 57 KB
58 KB 170ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 29 Sep 2020 14:28:12 GMT
X-Trans-Id: tx44c78b95e3d149b6ae456-005f744fbadfw1
ETag: 6db56c2037c4d40328a6084ed205a66a
Content-Type: image/jpeg
X-Timestamp: 1601389691.56456
Cache-Control: public, max-age=56625
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58644
Expires: Thu, 08 Oct 2020 17:15:40 GMT

GET
H/1.1 200
OK back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 112 KB
112 KB 170ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 30 Sep 2020 13:37:10 GMT
X-Trans-Id: tx883a8d1e202d4806aea9d-005f7d02efdfw1
ETag: 57694973ce45731e953ef93488770732
Content-Type: image/jpeg
X-Timestamp: 1601473029.49827
Cache-Control: public, max-age=74049
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114203
Expires: Thu, 08 Oct 2020 22:06:04 GMT

GET
H/1.1 200
OK live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 125 KB
126 KB 169ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 24 Sep 2020 20:19:32 GMT
X-Trans-Id: txf00ab0d9998f4bd190dce-005f6e785ddfw1
ETag: 873842addf99847a641636711296a739
Content-Type: image/jpeg
X-Timestamp: 1600978771.61231
Cache-Control: public, max-age=68831
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128115
Expires: Thu, 08 Oct 2020 20:39:06 GMT

GET
H/1.1 200
OK executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 23 KB
24 KB 173ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 24 Sep 2020 19:25:08 GMT
X-Trans-Id: tx8888c67c9b614a1b820c4-005f75269fdfw1
ETag: 392ee5887a6d92c55ef3e14c0fa4fa7f
Content-Type: image/jpeg
X-Timestamp: 1600975507.73404
Cache-Control: public, max-age=28144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23754
Expires: Thu, 08 Oct 2020 09:20:59 GMT

GET
H/1.1 200
OK live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 80 KB
80 KB 183ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 24 Aug 2020 12:25:36 GMT
X-Trans-Id: tx1ecf6b6c891c48338f890-005f6af5a1dfw1
ETag: bc70b8f6afe433af2befe92c856f3e09
Content-Type: image/jpeg
X-Timestamp: 1598271935.40072
Cache-Control: public, max-age=19746
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81837
Expires: Thu, 08 Oct 2020 07:01:01 GMT

GET
H/1.1 200
OK live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 104 KB
104 KB 182ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 17 Sep 2020 17:25:13 GMT
X-Trans-Id: txfe43ba8eaa8546c799358-005f72efbcdfw1
ETag: f81c100c46830e943d5bdce9cf266a20
Content-Type: image/jpeg
X-Timestamp: 1600363512.81401
Cache-Control: public, max-age=55843
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106360
Expires: Thu, 08 Oct 2020 17:02:38 GMT

GET
H/1.1 200
OK live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 121 KB
122 KB 56ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 04 Aug 2020 22:45:43 GMT
X-Trans-Id: txdee9c04dd7ce485594f2e-005f41dba8dfw1
ETag: ab27bc89d9e9c2a2ce3051ed9bd4e68d
Content-Type: image/jpeg
X-Timestamp: 1596581142.67433
Cache-Control: public, max-age=50305
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124345
Expires: Thu, 08 Oct 2020 15:30:20 GMT

GET
H/1.1 200
OK live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 88 KB
88 KB 58ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 22 Sep 2020 01:39:35 GMT
X-Trans-Id: txd05e496bb9cc4a81bfaec-005f69595fdfw1
ETag: c61938ef5ee4ed6af124b4d21f871623
Content-Type: image/jpeg
X-Timestamp: 1600738774.69500
Cache-Control: public, max-age=50495
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90130
Expires: Thu, 08 Oct 2020 15:33:30 GMT

GET
H/1.1 200
OK george-tubin-largeImage-a-428.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 109 KB
110 KB 194ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/george-tubin-largeImage-a-428.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80fd85cca67700fe2c9625b17a9c4117e34b2fb7333b51458243c735fc485a2f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 29 Oct 2013 16:23:11 GMT
X-Trans-Id: tx203a176261de4995964b8-005f6018cddfw1
ETag: df2e683300cf1289c7bab78a49d28098
Content-Type: image/jpeg
X-Timestamp: 1383063790.11578
Cache-Control: public, max-age=11671
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112036
Expires: Thu, 08 Oct 2020 04:46:26 GMT

GET
H/1.1 200
OK russell-thomas-largeImage-4-a-868.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 40 KB
40 KB 184ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/russell-thomas-largeImage-4-a-868.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82324d6e0d49fe77e37cb93a805f932eebee61dd336556b374998491bd335c2f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 25 Mar 2014 19:38:04 GMT
X-Trans-Id: txad0ed2829c444adb82404-005f7a6da4dfw1
ETag: 9fe36a2260b03c9346a5db6e3fa574bf
Content-Type: image/jpeg
X-Timestamp: 1395776283.38354
Cache-Control: public, max-age=14319
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40719
Expires: Thu, 08 Oct 2020 05:30:34 GMT

GET
H/1.1 200
OK john-walp-largeImage-a-780.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 120 KB
120 KB 182ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/john-walp-largeImage-a-780.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95a98f7584b41c7846eca27c8c01226384b9b8cf1dd80451e05e39ed0ea23e95

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 29 Oct 2013 16:32:19 GMT
X-Trans-Id: tx4ab4dff999974839ae53a-005f6760a4dfw1
ETag: de06c946654fe053abf9a32c7c5403ae
Content-Type: image/jpeg
X-Timestamp: 1383064338.62358
Cache-Control: public, max-age=86397
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122431
Expires: Fri, 09 Oct 2020 01:31:52 GMT

GET
H/1.1 200
OK dora-gomez-largeImage-10-a-2379.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 102 KB
102 KB 180ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/dora-gomez-largeImage-10-a-2379.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 924dcfe6255f19e5879a4f2a4cd0926789ea50b83ccdde5321687a6184a0b1f0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 25 Jun 2018 13:50:11 GMT
X-Trans-Id: tx9f3bf7ba7f1c49e28a497-005f7ae54ddfw1
ETag: b1ee2bc5c8dc6f81358f51dad6e16f1e
Content-Type: image/jpeg
X-Timestamp: 1529934610.64818
Cache-Control: public, max-age=33327
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104069
Expires: Thu, 08 Oct 2020 10:47:22 GMT

GET
H/1.1 200
OK next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 250 KB
251 KB 52ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 07 Oct 2020 14:22:16 GMT
X-Trans-Id: tx6be1af0721b6479780d76-005f7dd2badfw1
ETag: 11fcdef1366458916aa167457a312dac
Content-Type: image/jpeg
X-Timestamp: 1602080535.19059
Cache-Control: public, max-age=47277
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256268
Expires: Thu, 08 Oct 2020 14:39:52 GMT

GET
H/1.1 200
OK new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 200 KB
200 KB 50ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 05 Oct 2020 14:46:16 GMT
X-Trans-Id: tx2000d2e2f11647ef843d7-005f7b41d0dfw1
ETag: 8d43d4e38fec939207e83d3246def199
Content-Type: image/jpeg
X-Timestamp: 1601909175.13124
Cache-Control: public, max-age=38597
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204323
Expires: Thu, 08 Oct 2020 12:15:12 GMT

GET
H/1.1 200
OK establishing-operational-resilience-to-achieve-customer-excellence-logo-4-w-6506.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 100 KB
100 KB 58ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/establishing-operational-resilience-to-achieve-customer-excellence-logo-4-w-6506.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fec84428e2f011dcfcafc98d11e591d983959534aa6e668f56f4ef00854af79

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 04 Aug 2020 12:39:55 GMT
X-Trans-Id: txd449ef58637d47148f6cb-005f7b59cbdfw1
ETag: 18d619d9b647b0960a10a1757854d465
Content-Type: image/jpeg
X-Timestamp: 1596544794.98560
Cache-Control: public, max-age=41255
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102051
Expires: Thu, 08 Oct 2020 12:59:30 GMT

GET
H/1.1 200
OK new-email-security-imperative-pdf-7-w-6890.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 150 KB
150 KB 76ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-email-security-imperative-pdf-7-w-6890.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 02 Oct 2020 14:13:08 GMT
X-Trans-Id: tx2812e5002eaa4ffaaeb26-005f7736e1dfw1
ETag: 49c9f521b740371311f9dde51bbef8a7
Content-Type: image/jpeg
X-Timestamp: 1601647987.05571
Cache-Control: public, max-age=9125
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153448
Expires: Thu, 08 Oct 2020 04:04:00 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 184ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
X-Trans-Id: tx57bd17ac0a254c3396bf0-005e7bcc8bdfw1
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=35249
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366322
Expires: Thu, 08 Oct 2020 11:19:24 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 173ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
X-Trans-Id: txcde842eefbe546ceacdd9-005e7bd903dfw1
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=65369
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78320
Expires: Thu, 08 Oct 2020 19:41:24 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 178ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
X-Trans-Id: tx9499045f7e1143bd938db-005e7c2408dfw1
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=19966
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202154
Expires: Thu, 08 Oct 2020 07:04:41 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 182ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
X-Trans-Id: tx03a5dd64dd8e478e92d2c-005e7b806adfw1
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=13984
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89481
Expires: Thu, 08 Oct 2020 05:24:59 GMT

GET
H/1.1 200
OK securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 83 KB
84 KB 186ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 16 Sep 2020 20:37:30 GMT
X-Trans-Id: tx83544987d6c84c70b8c20-005f627afddfw1
ETag: 5694412cdb081e33be6760fae149e796
Content-Type: image/jpeg
X-Timestamp: 1600288649.09953
Cache-Control: public, max-age=76869
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85143
Expires: Thu, 08 Oct 2020 22:53:04 GMT

GET
H/1.1 200
OK securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 78 KB
78 KB 172ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 19 Jun 2020 20:27:30 GMT
X-Trans-Id: txa3cc49ab46074c86acdcc-005efa64b0dfw1
ETag: 277c051b9980d6d67e9279ed59b4b968
Content-Type: image/jpeg
X-Timestamp: 1592598449.94175
Cache-Control: public, max-age=12393
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79854
Expires: Thu, 08 Oct 2020 04:58:28 GMT

GET
H/1.1 200
OK managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 87 KB
87 KB 169ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 24 Apr 2020 20:49:35 GMT
X-Trans-Id: tx5400218f950646a2861fe-005ea3519bdfw1
ETag: 798bc33a31e70aade019309a9fa16e27
Content-Type: image/jpeg
X-Timestamp: 1587761374.72132
Cache-Control: public, max-age=82780
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88866
Expires: Fri, 09 Oct 2020 00:31:35 GMT

GET
H/1.1 200
OK taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 95 KB
95 KB 171ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 23 Mar 2020 21:52:35 GMT
X-Trans-Id: tx76e0c19f15dc45bb8201e-005e7bbf0fdfw1
ETag: 4af1e925902f765709fbac19d76f9149
Content-Type: image/jpeg
X-Timestamp: 1585000354.21724
Cache-Control: public, max-age=71069
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97383
Expires: Thu, 08 Oct 2020 21:16:24 GMT

GET
H/1.1 200
OK empty_menu_image.png
www.bankinfosecurity.com/images/navigation/generic/ 5 KB
4 KB 169ms
168ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images/navigation/generic/empty_menu_image.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3692

GET
H/1.1 200
OK mobile-wallets-emerging-fraud-showcase_image-4-w-1074.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 118 KB
118 KB 52ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/mobile-wallets-emerging-fraud-showcase_image-4-w-1074.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d93f11b9b3c1c2e17e0ccfc61fbec9d56bc19b43afed81580b28da4abf41c3c4

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 19 Sep 2016 20:36:51 GMT
X-Trans-Id: tx14e5a65d389b44329a673-005f7e63dfdfw1
ETag: da0163bba6214f6d9ed7fb0975214ab0
Content-Type: image/jpeg
X-Timestamp: 1474317410.44319
Cache-Control: public, max-age=84303
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120490
Expires: Fri, 09 Oct 2020 00:56:58 GMT

GET
H/1.1 200
OK mobile-payments-byod-vulnerabilities-threats-remedies-showcase_image-7-w-852.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 112 KB
112 KB 52ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/mobile-payments-byod-vulnerabilities-threats-remedies-showcase_image-7-w-852.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f58cd7e45b2163d52f7c4f5ec1ff75b21a8e58a7b646da8236bccd95d16f65b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 13 Nov 2015 20:20:11 GMT
X-Trans-Id: txad84fd285d564a2287e8c-005f7e63dcdfw1
ETag: 983828b1e3052ca242c2ffd9cdd86fde
Content-Type: image/jpeg
X-Timestamp: 1447446010.91861
Cache-Control: public, max-age=84280
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114670
Expires: Fri, 09 Oct 2020 00:56:35 GMT

GET
H/1.1 200
OK emerging-payment-channels-technologies-infrastructures-ensuring-robust-fraud-defense-showcase_image-6-w-826.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 116 KB
117 KB 51ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/emerging-payment-channels-technologies-infrastructures-ensuring-robust-fraud-defense-showcase_image-6-w-826.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e77aff24d02c37edcbeb68b5e565a43367436a996f37b8d8df26c8fa6a368805

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 13 Nov 2015 19:20:59 GMT
X-Trans-Id: tx7b98f7eb1f334045bf371-005f7e63e1dfw1
ETag: 23d39bb8f7e0d44f16a2b634a7602c56
Content-Type: image/jpeg
X-Timestamp: 1447442458.49416
Cache-Control: public, max-age=84315
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119147
Expires: Fri, 09 Oct 2020 00:57:11 GMT

GET
H/1.1 200
OK keynote-visa-on-future-payment-card-security-showcase_image-5-w-746.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 77 KB
77 KB 49ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/keynote-visa-on-future-payment-card-security-showcase_image-5-w-746.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0403c515c5536112b5861d54cac246d18459deda44b39a5a2c5df9de61fb1d31

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 09 Nov 2015 14:43:41 GMT
X-Trans-Id: tx39b8a31f4efc4533bfb27-005f7e63e0dfw1
ETag: db00f2fc521f258ca3dab2dbb8b99322
Content-Type: image/jpeg
X-Timestamp: 1447080220.52955
Cache-Control: public, max-age=84296
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78955
Expires: Fri, 09 Oct 2020 00:56:52 GMT

GET
H/1.1 200
OK rise-cryptocurrency-malware-showcase_image-4-w-1780.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 84 KB
85 KB 55ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/rise-cryptocurrency-malware-showcase_image-4-w-1780.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3bd0b92cc518315c75682e4d5224b205a2342a9ef0211f691b75e7ea53ca03a9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 25 Sep 2018 20:39:54 GMT
X-Trans-Id: tx7e20dd72f60b4c07bbb37-005f7e63e0dfw1
ETag: 40c48c259901d3289a778f087769429f
Content-Type: image/jpeg
X-Timestamp: 1537907993.11758
Cache-Control: public, max-age=84283
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86308
Expires: Fri, 09 Oct 2020 00:56:39 GMT

GET
H/1.1 200
OK todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 69 KB
70 KB 57ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Wed, 11 Mar 2020 18:40:32 GMT
X-Trans-Id: tx5c81c38e56f7462b919be-005eb74326dfw1
ETag: b710debdf96f2b48a22aa4a8f63dc7d4
Content-Type: image/jpeg
X-Timestamp: 1583952031.64606
Cache-Control: public, max-age=69834
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70886
Expires: Thu, 08 Oct 2020 20:55:50 GMT

GET
H/1.1 200
OK achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 54 KB
55 KB 49ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Wed, 04 Mar 2020 21:51:00 GMT
X-Trans-Id: txc0c0c8197a784faaa7884-005eb36507dfw1
ETag: 3cd4bf863b88b9c29a24cef0ad690ce1
Content-Type: image/jpeg
X-Timestamp: 1583358659.31089
Cache-Control: public, max-age=79340
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55733
Expires: Thu, 08 Oct 2020 23:34:16 GMT

GET
H/1.1 200
OK tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 59 KB
59 KB 51ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Thu, 05 Mar 2020 16:04:36 GMT
X-Trans-Id: txf9cf37298d7146e8b9716-005e7d0a94dfw1
ETag: f159c9867556eec8a5360d3493db29ad
Content-Type: image/jpeg
X-Timestamp: 1583424275.63523
Cache-Control: public, max-age=15547
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60191
Expires: Thu, 08 Oct 2020 05:51:03 GMT

GET
H/1.1 200
OK best-rsa-conference-2020-showcase_image-1-a-14011.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 100 KB
101 KB 50ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-rsa-conference-2020-showcase_image-1-a-14011.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Wed, 25 Mar 2020 19:33:42 GMT
X-Trans-Id: txd90fa594fdea49c9953bf-005e7bbf13dfw1
ETag: 5509cbbd99ddd348f3533b4b8f6a0da9
Content-Type: image/jpeg
X-Timestamp: 1585164821.83821
Cache-Control: public, max-age=69975
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102596
Expires: Thu, 08 Oct 2020 20:58:11 GMT

GET
H/1.1 200
OK infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 84ms
83ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 05 Jul 2019 20:13:34 GMT
X-Trans-Id: tx9495434447024618b4cf5-005e7d08d4dfw1
ETag: f9dab7917669551bb50361c2dcd43aa7
Content-Type: image/jpeg
X-Timestamp: 1562357613.59432
Cache-Control: public, max-age=65434
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91187
Expires: Thu, 08 Oct 2020 19:42:30 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 74ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
X-Trans-Id: tx7a65bc80513a430684935-005e7bcc8bdfw1
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=66533
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61807
Expires: Thu, 08 Oct 2020 20:00:49 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 53ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
X-Trans-Id: txe7bd16e3f9f540aab4c37-005e7d0eabdfw1
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=81347
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63007
Expires: Fri, 09 Oct 2020 00:07:43 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 54ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
X-Trans-Id: tx45de8b22a2fc4b4c95bf9-005ef90048dfw1
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=83260
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54026
Expires: Fri, 09 Oct 2020 00:39:36 GMT

GET
H/1.1 200
OK ryuk-sodinokibi-surge-as-ransom-payments-double-showcase_image-5-a-13654.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 82 KB
83 KB 98ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ryuk-sodinokibi-surge-as-ransom-payments-double-showcase_image-5-a-13654.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0f87842d5f5ddd7b3c1f2ced30c670e494e075769cd798c1c81bd92831121ac

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 28 Jan 2020 11:46:35 GMT
X-Trans-Id: txf9b03645b3384456a7f6c-005f7dacc0dfw1
ETag: 9bf46cbbb1d4474d6f7dceb208c6d2f0
Content-Type: image/jpeg
X-Timestamp: 1580211994.06479
Cache-Control: public, max-age=37464
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84321
Expires: Thu, 08 Oct 2020 11:56:19 GMT

GET
H/1.1 200
OK avg-ransom-amount-q42019-coveware.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 26 KB
26 KB 184ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/avg-ransom-amount-q42019-coveware.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 498fca4d26545e4c880c6274f52fa51fe3969ab1e00adb93b8bb0758ae0bb6f7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 28 Jan 2020 11:35:18 GMT
X-Trans-Id: txd4510fee87fe4e1699b57-005f7e6b37dfw1
ETag: 14b937a957a05902613ba4bc0afc24c6
Content-Type: image/jpeg
X-Timestamp: 1580211317.54831
Cache-Control: public, max-age=259025
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26463
Expires: Sun, 11 Oct 2020 01:29:00 GMT

GET
H/1.1 200
OK ransomware-market-share-q42019-coveware.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 37 KB
38 KB 69ms
69ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ransomware-market-share-q42019-coveware.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52b6282ec22c7e5d1e7053d40b0bf220227931f84ee7a2504cbe29f63581e25a

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 28 Jan 2020 11:34:53 GMT
X-Trans-Id: tx07e25674543b4201ab921-005f7e6b38dfw1
ETag: 1db39fffa4f5644acd2cba9a572c0a01
Content-Type: image/jpeg
X-Timestamp: 1580211292.57408
Cache-Control: public, max-age=258943
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38368
Expires: Sun, 11 Oct 2020 01:27:39 GMT

GET
H/1.1 200
OK revil-kpn-peaks.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 63 KB
63 KB 132ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/revil-kpn-peaks.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d12f6cf7edbff2f3c822ab34097959439742be46dbef07aa645929594ec1f58c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 28 Jan 2020 11:32:11 GMT
X-Trans-Id: txe1f16918d9a84bcdbc06c-005f7e6b38dfw1
ETag: e8c007080f0521873f9fe8ef6063f861
Content-Type: image/jpeg
X-Timestamp: 1580211130.42928
Cache-Control: public, max-age=258930
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64623
Expires: Sun, 11 Oct 2020 01:27:26 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/4199)
Age: 461
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H/1.1 200
OK mathew-j-schwartz-largeImage-4-a-892.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 63 KB
63 KB 55ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/mathew-j-schwartz-largeImage-4-a-892.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 11 Mar 2019 20:31:08 GMT
X-Trans-Id: tx1c2c51fef0714cdcbdd48-005ef09796dfw1
ETag: 0a4204e2649185daf7ea39a3c953e722
Content-Type: image/jpeg
X-Timestamp: 1552336267.88871
Cache-Control: public, max-age=62811
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64095
Expires: Thu, 08 Oct 2020 18:58:47 GMT

GET
H/1.1 200
OK industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 29 KB
30 KB 50ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 25 Aug 2020 12:40:00 GMT
X-Trans-Id: txc72bc6bdc708479680033-005f481fa2dfw1
ETag: c269a684807714f19e2378971edcbe7e
Content-Type: image/jpeg
X-Timestamp: 1598359199.65461
Cache-Control: public, max-age=26335
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29916
Expires: Thu, 08 Oct 2020 08:50:51 GMT

GET
H/1.1 200
OK guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 45 KB
45 KB 54ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Wed, 19 Aug 2020 21:11:06 GMT
X-Trans-Id: txb4dee725c42644609b619-005f7be7fddfw1
ETag: 679114384528324ea2227d657b04a2f6
Content-Type: image/jpeg
X-Timestamp: 1597871465.70176
Cache-Control: public, max-age=9867
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46081
Expires: Thu, 08 Oct 2020 04:16:23 GMT

GET
H/1.1 200
OK ransomware-recovery-in-new-normal-pdf-7-w-6241.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 369 KB
369 KB 49ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ransomware-recovery-in-new-normal-pdf-7-w-6241.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c09cf4b6a8d7250fd79637fba66286b2b6f61582a5ae71894e1506d302e6cd38

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Thu, 21 May 2020 18:40:10 GMT
X-Trans-Id: tx76f6d2d54b9644d4b3868-005f533c7fdfw1
ETag: 15617d2764aa8956bc75c4a7eafeb149
Content-Type: image/jpeg
X-Timestamp: 1590086409.95341
Cache-Control: public, max-age=17685
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 377372
Expires: Thu, 08 Oct 2020 06:26:41 GMT

GET
H/1.1 200
OK state-otics-cybersecurity-survey-logo-4-w-6534.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 29 KB
29 KB 74ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/state-otics-cybersecurity-survey-logo-4-w-6534.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 055097971005ebe69e878dcac676ffd374023b00105fe44f9eacab592125d26d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 10 Aug 2020 09:45:50 GMT
X-Trans-Id: txcc71028e443f4465b16f6-005f52f01bdfw1
ETag: 1c69c303a7e4b9bf0ab55f80af0426dc
Content-Type: image/jpeg
X-Timestamp: 1597052749.11449
Cache-Control: public, max-age=36186
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29645
Expires: Thu, 08 Oct 2020 11:35:02 GMT

GET
H/1.1 200
OK state-personal-cybersecurity-privacy-2020-pdf-7-w-6851.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 243 KB
243 KB 62ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/state-personal-cybersecurity-privacy-2020-pdf-7-w-6851.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c1fd1157140962871adabb2c4dcae806e3acadb8cd672a995c9a1675e963562b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 25 Sep 2020 17:28:28 GMT
X-Trans-Id: tx2c40a55e06ad462ba2462-005f75351cdfw1
ETag: 7ab330f3efa0782d665ce87903fab035
Content-Type: image/jpeg
X-Timestamp: 1601054907.25478
Cache-Control: public, max-age=46637
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248731
Expires: Thu, 08 Oct 2020 14:29:13 GMT

GET
H/1.1 200
OK asd-essential-eight-approach-to-proactively-managing-your-agencys-security-posture-logo-1-w-6350.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 174 KB
174 KB 69ms
54ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/asd-essential-eight-approach-to-proactively-managing-your-agencys-security-posture-logo-1-w-6350.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80b3a7b8fa2f7513527e5cd22e7674136d237c8382debb79fd57acd70896ea6c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Sun, 21 Jun 2020 16:15:36 GMT
X-Trans-Id: txdb44eee666754990871e8-005f574062dfw1
ETag: 8d375b2e25a7baa2c3c2eee40f436b75
Content-Type: image/png
X-Timestamp: 1592756135.20364
Cache-Control: public, max-age=76718
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177687
Expires: Thu, 08 Oct 2020 22:50:34 GMT

GET
H/1.1 200
OK axcess-financial-customer-story-pdf-1-w-6453.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 270 KB
271 KB 86ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/axcess-financial-customer-story-pdf-1-w-6453.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6fbbe23fd5c7169008f0344223770976f0284da565346d05f27c5d962c536d57

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 24 Jul 2020 01:36:17 GMT
X-Trans-Id: txc636808794044e9f9d663-005f74c237dfw1
ETag: 97e37a5cbc8fe1a7ca1684b557f55501
Content-Type: image/jpeg
X-Timestamp: 1595554576.40463
Cache-Control: public, max-age=29080
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 276960
Expires: Thu, 08 Oct 2020 09:36:36 GMT

GET
H/1.1 200
OK rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 32 KB
33 KB 185ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 10 Aug 2020 12:58:15 GMT
X-Trans-Id: tx02ba270de942432e85a4b-005f4edf34dfw1
ETag: 98a6f32ee722ef9ef6e7a49b0ce67b33
Content-Type: image/jpeg
X-Timestamp: 1597064294.97123
Cache-Control: public, max-age=33816
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33013
Expires: Thu, 08 Oct 2020 10:55:31 GMT

GET
H/1.1 200
OK 451-research-report-tackling-visibility-gap-in-information-security-pdf-9-w-5102.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 181 KB
181 KB 174ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/451-research-report-tackling-visibility-gap-in-information-security-pdf-9-w-5102.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b7d6d0424c30819e0b26d96c8b56b8e4676ac5d653068ff62bb98eca8996ffd

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Fri, 14 Aug 2020 20:30:13 GMT
X-Trans-Id: txbae680cc2c884c908c16a-005f38117adfw1
ETag: faf10b0b40cdbc10bf0ed7bf7c752319
Content-Type: image/jpeg
X-Timestamp: 1597437012.05391
Cache-Control: public, max-age=25763
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184889
Expires: Thu, 08 Oct 2020 08:41:18 GMT

GET
H/1.1 200
OK rapid-digitization-risk-roundtable-preview-showcase_image-1-a-14725.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 61 KB
61 KB 67ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/rapid-digitization-risk-roundtable-preview-showcase_image-1-a-14725.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f59c27c1725a063adf2ea814ff0a1e3425e732c4cb7ad0baea3ddae5b721085

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Wed, 29 Jul 2020 17:20:40 GMT
X-Trans-Id: tx6ecfcbc22d62497d9bbea-005f490852dfw1
ETag: 85d55ca01a21d4d2d091e03f7a5d3ab2
Content-Type: image/jpeg
X-Timestamp: 1596043239.95461
Cache-Control: public, max-age=64067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62481
Expires: Thu, 08 Oct 2020 19:19:42 GMT

GET
H/1.1 200
OK new-reality-bring-order-to-chaos-unified-endpoint-security-logo-2-w-6342.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 166 KB
167 KB 176ms
73ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-reality-bring-order-to-chaos-unified-endpoint-security-logo-2-w-6342.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ff6fc40d92ba4d4853b2b4eda1bad70484a85cceb9bb371d6430b0445d2d944

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Thu, 18 Jun 2020 16:01:10 GMT
X-Trans-Id: tx4fe27ac4c57a4d94968a5-005f5ff700dfw1
ETag: 2b31ae1ab9464cbf882731d63268a1ed
Content-Type: image/png
X-Timestamp: 1592496069.04168
Cache-Control: public, max-age=9874
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170387
Expires: Thu, 08 Oct 2020 04:16:29 GMT

GET
H/1.1 200
OK beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 134 KB
135 KB 51ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Mon, 13 Apr 2020 19:01:01 GMT
X-Trans-Id: tx595f49a055e64e2cb6ed9-005f0fe524dfw1
ETag: 80a930491aade24aa861bf009e0dd85a
Content-Type: image/jpeg
X-Timestamp: 1586804460.99060
Cache-Control: public, max-age=38606
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137417
Expires: Thu, 08 Oct 2020 12:15:21 GMT

GET
H/1.1 200
OK ert-showcase_image-5-a-15125.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
63 KB 55ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ert-showcase_image-5-a-15125.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bca57519350180478d4a8bda6c1e2d99ceec3257e484459055119da25d71aa5

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Tue, 06 Oct 2020 19:37:52 GMT
X-Trans-Id: tx1924ada5cbda477ea75ef-005f7cd64edfw1
ETag: 9ad1a1b9e52bc4e96666660e92dd9825
Content-Type: image/jpeg
X-Timestamp: 1602013071.71729
Cache-Control: public, max-age=60355
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63859
Expires: Thu, 08 Oct 2020 18:17:51 GMT

GET
H/1.1 200
OK roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 131 KB
132 KB 55ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 05 Oct 2020 18:19:55 GMT
X-Trans-Id: tx1c8376642e7249e49717a-005f7b69c8dfw1
ETag: 00160d41cbbd683047975053cfcc78cc
Content-Type: image/jpeg
X-Timestamp: 1601921994.53295
Cache-Control: public, max-age=45264
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134628
Expires: Thu, 08 Oct 2020 14:06:20 GMT

GET
H/1.1 200
OK 5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 76 KB
76 KB 54ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 18 Sep 2020 08:00:26 GMT
X-Trans-Id: tx81632da14c8142909d3ab-005f72ebc0dfw1
ETag: d73e28c00d8ff31e68a27bcb41903a80
Content-Type: image/jpeg
X-Timestamp: 1600416025.41696
Cache-Control: public, max-age=44104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77659
Expires: Thu, 08 Oct 2020 13:47:00 GMT

GET
H/1.1 200
OK panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 328 KB
328 KB 55ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Wed, 07 Oct 2020 11:26:31 GMT
X-Trans-Id: tx827ca893101c490aae6a5-005f7dc707dfw1
ETag: 949de5ffb26d1e0b307c9a374d046f9f
Content-Type: image/jpeg
X-Timestamp: 1602069990.05317
Cache-Control: public, max-age=44152
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335758
Expires: Thu, 08 Oct 2020 13:47:48 GMT

GET
H/1.1 200
OK analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 54 KB
55 KB 52ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Thu, 17 Sep 2020 15:11:01 GMT
X-Trans-Id: tx7722126afc924b38a6d2a-005f646b56dfw1
ETag: c9365fa2f3a8c737bd4c97ae7f7872d1
Content-Type: image/jpeg
X-Timestamp: 1600355460.96051
Cache-Control: public, max-age=26985
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55503
Expires: Thu, 08 Oct 2020 09:01:41 GMT

GET
H/1.1 200
OK achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 296 KB
297 KB 77ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 28 Sep 2020 08:58:11 GMT
X-Trans-Id: tx3c070c00be6441da8fc0f-005f71ad44dfw1
ETag: 967ff914ef682251f7437acfc991b08e
Content-Type: image/jpeg
X-Timestamp: 1601283490.34956
Cache-Control: public, max-age=32275
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303372
Expires: Thu, 08 Oct 2020 10:29:51 GMT

GET
H/1.1 200
OK compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 47 KB
48 KB 81ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Mon, 28 Sep 2020 19:18:45 GMT
X-Trans-Id: txa446a80ec8cb4c3ea60c8-005f7374efdfw1
ETag: 0d18f38785da0e60ede6f0c5e3a3b7dc
Content-Type: image/jpeg
X-Timestamp: 1601320724.58804
Cache-Control: public, max-age=73383
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48378
Expires: Thu, 08 Oct 2020 21:54:59 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.bankinfosecurity.com/images-responsive/ 4 KB
4 KB 169ms
168ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-with-text.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.bankinfosecurity.com/images-responsive/ 5 KB
6 KB 162ms
162ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-print.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 5598

GET
H/1.1 200
OK ondemand-preview-w-255.jpg
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 56 KB
57 KB 183ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 05 Jul 2013 12:55:26 GMT
X-Trans-Id: txb96cf1535d3c49bbaa09d-005f7e5858dfw1
ETag: 7aece0902995efedc289b7c24037434b
Content-Type: image/jpeg
X-Timestamp: 1373028925.94439
Cache-Control: public, max-age=582
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57633
Expires: Thu, 08 Oct 2020 01:41:38 GMT

GET
H/1.1 200
OK ron-ross-smallImage-a-558.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 10 KB
11 KB 54ms
54ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 01 Nov 2013 13:09:25 GMT
X-Trans-Id: tx171b8f70f76f44bbb4333-005eb36507dfw1
ETag: fac8c56390d084c4f1dfaa9b24a58c33
Content-Type: image/jpeg
X-Timestamp: 1383311364.81114
Cache-Control: public, max-age=84255
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10640
Expires: Fri, 09 Oct 2020 00:56:11 GMT

POST
H/1.1 200
OK ismg-user-ip Show response
worker.ismgcorp.com/ 13 B
405 B 667ms
177ms XHR
text/html 104.130.251.6
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.ismgcorp.com/ismg-user-ip
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120713.9265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.130.251.6 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: c5efe210aa092eb33013911784ca3b8e00aaff8efac48b9f3f189ed7b4607069

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 31

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9750103c66507cf469453ea879f16e643e70b85519bb4b7d7239916dd1676b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "656 / 705 of 1000 / last-modified: 1602108954"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:56 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 153ms
50ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120713.9265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 545 KB
44 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bb5458a327e2c07911e9c3a33615af83428c2682fab4abc0a691154440801be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45193
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 00:20:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 01:31:56 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 66 KB
27 KB 36ms
22ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8C2JFW

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f52831041e56692711b8cef37ed2b9efd1e7a57244700662956ba76ee75e37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26821
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 00:20:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 01:31:56 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 112119
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H/1.1 200
OK main.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 41 KB
10 KB 163ms
162ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/main.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9721

GET
H/1.1 200
OK media-transcript-navigation.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 26 KB
7 KB 167ms
166ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/media-transcript-navigation.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6519

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 1 KB
839 B 170ms
169ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.r1.js?s=1602120713.9265

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 455

GET
H/1.1 200
OK jquery.browser.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 2 KB
1 KB 165ms
165ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/jquery.browser.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1022

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 24 KB
7 KB 162ms
162ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/jquery.prettyPhoto.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 6459

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:26:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 111924
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:26:31 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 112144
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:51 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.bankinfosecurity.com/css-responsive/fonts/ 43 KB
44 KB 162ms
161ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120713.9265

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1602120713.9265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:55 GMT
Last-Modified: Tue, 06 Oct 2020 18:59:03 GMT
Server: Apache
ETag: "ad90-5b1053146a730"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 44432

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:28:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 111832
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:28:03 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 112172
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:23 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 1171ms
49ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41308
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 0
0

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 69 KB
23 KB 1162ms
46ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

c52f3c38bf700839dcc21a130b6a28cd5335c704482ea360a5125b6b53c3c46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Encoding: gzip
Server: openresty
Age: 4
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22860

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 977
date: Thu, 08 Oct 2020 01:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 08 Oct 2020 03:15:39 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 307ms
78ms Script
application/javascript 54.77.58.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?892020
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2020 07:00:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=19741
Connection: keep-alive
Content-Length: 11933
Expires: Thu, 08 Oct 2020 07:00:58 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 965 B
761 B 52ms
17ms Script
application/x-javascript 2a02:26f0:2b00:79b::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2b00:79b::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=22164
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 livechat.ashx Show response
chatserver.comm100.com/ 990 B
933 B 1280ms
162ms Script
application/x-javascript 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5dec1af409661e89-AMS
content-length: 515
cf-request-id: 05a76f2c8000001e89900e9200000001

GET
H/1.1 200
OK 2682.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0021/ 309 B
821 B 422ms
56ms Script
application/x-javascript 99.86.245.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?445033
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.163 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-163.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 18:23:53 GMT
Via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 03 Mar 2020 19:14:28 GMT
Server: AmazonS3
Age: 1667284
ETag: "53b0291ca3900aca920ad48e9790c1b7"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 309
X-Amz-Cf-Id: wbJ-QOR1lvb-tGnTvjMUxTpDoANyX7_-y7JXegdo7HIiqTXYDSypYQ==

GET
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 6 KB
2 KB 192ms
192ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=twitterWidget
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120713.9265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: bf3b919c876674e37869a3b13b80331adeaab41c7bd1b748e62129ffa4dcacf0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/ 166 B
325 B 56ms
54ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=11, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 183ms
181ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f7e6c0b2c3d2b0d&bkl=0&bl=1&pdt=777&sid=5f7e6c0b2c3d2b0d&pub=ra-4fd21f2b39b17192&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bankinfosecurity.com&fp=ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=cybersecurity%2Cinformation%20security%2CCoveware%2CKPN%2Cransomware%2CPhobos%2CREvil%2CSodinokibi%2CRyuk%2C&colc=1602120715579&jsl=1&uvs=5f7e6c0b550400af000&skipb=1&callback=addthis.cbs.jsonp__86759483811851750
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0273cea605469c2e3e4db89ebf24d34bf787b777fa23ac05cc34462eacef8bf0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 08 Oct 2020 01:31:56 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1B98 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 29B7 0
0 52ms
52ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 08 Oct 2020 01:31:55 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 3 MB
0 115ms
56ms Media
video/mp4 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: tx33ca1088b5394e578f0fa-005f36b0c8dfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 0-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=685
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10621770
Expires: Thu, 08 Oct 2020 01:43:21 GMT

GET
H2 200 vhasETOF_normal.jpg
pbs.twimg.com/profile_images/1131855016766124032/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1131855016766124032/vhasETOF_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
x-content-type-options: nosniff
age: 574728
x-cache: HIT
status: 200
content-length: 1731
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/2 profile_images/1131855016766124032
last-modified: Fri, 24 May 2019 09:28:39 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2f060b4aae2c10b5432ce0e020dad03d
accept-ranges: bytes

GET
H2 200 b1rQHaWp_normal.jpg
pbs.twimg.com/profile_images/990976939602202626/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/990976939602202626/b1rQHaWp_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

aa6bb99958c99668c815297194ee751e59e73141765c5a41e4d113313bc0fb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
x-content-type-options: nosniff
age: 188140
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/1 profile_images/990976939602202626
last-modified: Mon, 30 Apr 2018 15:29:28 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e8b4f103b30f91e195a32e8832b7de4
accept-ranges: bytes

GET
H2 200 o8O3Kf9M_normal.png
pbs.twimg.com/profile_images/484336518631149569/ 2 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/484336518631149569/o8O3Kf9M_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

8e60fab2e2b9c19d242fec6e050287e77a856131745637ba776d3e6a3412023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
x-content-type-options: nosniff
age: 240653
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/2 profile_images/484336518631149569
last-modified: Wed, 02 Jul 2014 14:01:19 GMT
server: ECS (fcn/41A2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1302f7574c1863e5e57cdcfd06256aa7
accept-ranges: bytes

POST
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 5 B
388 B 184ms
184ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=notificationCookies&action=getNotifications
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1602120713.9265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:31:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame CDA1 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.bankinfosecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 102766
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Oct 2020 01:31:56 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js Show response
platform.twitter.com/js/ 6 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/4188)
Age: 102766
Etag: "15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2195

GET
H2 200 pubads_impl_2020100701.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 1173ms
56ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Oct 2020 08:44:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97676
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
132 B 41ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=596566399&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1475091283&gjid=903182211&cid=1170441872.1602120716&tid=UA-212197-2&_gid=1496376715.1602120716&_r=1&_slc=1&z=880852035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
28 B 37ms
14ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=596566399&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=776017202&gjid=671982530&cid=1170441872.1602120716&tid=UA-212197-36&_gid=1496376715.1602120716&_r=1&_slc=1&z=250973838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
392 B 21ms
13ms Image
image/gif 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=596566399&t=event&_s=2&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAEABAAAAAC~&jid=&gjid=&cid=1170441872.1602120716&tid=UA-212197-2&_gid=1496376715.1602120716&z=608225536

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 03:30:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79276
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32755
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-212197-36&cid=1170441872.1602120716&jid=776017202&gjid=671982530&_gid=1496376715.1602120716&_u=IEDAAEABAAAAAC~&z=374719520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Oct 2020 01:31:56 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 50ms
50ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 16 Jan 2021 01:31:56 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602120716424%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent...

0
41 B

106ms
106ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:56 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: x01grE3gOxZwz4TORSsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: ShEtqE3gOxYw8Z1VnisAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 824151CF9EFE42AFBDC31BF173933CB0 Ref B: FRAEDGE0714 Ref C: 2020-10-08T01:31:56Z
x-frame-options: sameorigin
date: Thu, 08 Oct 2020 01:31:55 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602120716424&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent+Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame F984 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1216351931020476417&lang=en&origin=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40FC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 767
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Oct 2020 01:31:56 GMT
Etag: "0b6e58b878f91c8b7b88de08db9c18e6"
Last-Modified: Tue, 06 Oct 2020 20:03:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FC)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 577

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 794ms
210ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602120716478&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1602120716477-84563&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchRu=%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_campaign%3DEvent%20Promotions__-__utm_medium%3Demail__-___hsmi%3D96683910__-___hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw__-__utm_content%3D96683910__-__utm_source%3Dhs_email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 83f627ae-8c13-4742-a097-3dd4cafec735

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 803ms
206ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602120716479&_mchRu=%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26amp%3Butm_medium%3Demail%26amp%3B_hsmi%3D96683910%26amp%3B_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26amp%3Butm_content%3D96683910%26amp%3Butm_source%3Dhs_email&_mchQp=cat%3D416%26cat%3D417%26cat%3D472%26cat%3D462%26cat%3D506%26cat%3D409%26cat%3D93%26cat%3D40%26cat%3D431%26cat%3D421%26cat%3D427%26cat%3D560%26cat%3D467%26cat%3D428%26cat%3D399%26cat%3D444%26cat%3D476%26assetID%3D13654%26assetType%3Darticle%26key%3Dcybersecurity%26key%3Dinformation%20security%26key%3Dcoveware%26key%3Dkpn%26key%3Dransomware%26key%3Dphobos%26key%3Drevil%26key%3Dsodinokibi%26key%3Dryuk%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1602120716477-84563&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchRe=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 15f4a93f-fc75-43e9-9e05-f877279120a9

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
2 KB 83ms
83ms Script
application/javascript 54.77.58.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&pv=1602120716599_5jv9weczt&bl=en-us&cb=2908231&return=&ht=&d=&dc=&si=1602120716599_5jv9weczt&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8787b1d280fb289b404d137a9439b0006ad3cd612b0a346292dbb541865f5599

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:31:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 469
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 871ms
207ms Script
application/javascript 34.202.64.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=892020
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.64.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-64-133.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 09 Oct 2020 01:31:57 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613665845468725263&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665845468725263&redir=

42 B
915 B

78ms
78ms

Image
image/gif

52.50.67.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665845468725263&redir=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.67.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-67-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-0dffcb2e1.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: IQ0hNoVhSlo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: LOOkL4oDTyc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613665845468725263&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3613665845468725263
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzY2NTg0NTQ2ODcyNTI2MxAAGg0IjNj5-wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=22f46c9a4f8b5f771fbaf9359f9f1da9474a5f5761585ddc0974ef0105db1c62f4cb09cee1a4f8eb&person_id=3613665845468725263&eid=50082

43 B
312 B

78ms
78ms

Image
image/gif

54.77.58.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=22f46c9a4f8b5f771fbaf9359f9f1da9474a5f5761585ddc0974ef0105db1c62f4cb09cee1a4f8eb&person_id=3613665845468725263&eid=50082
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:31:56 GMT

Redirect headers

date: Thu, 08 Oct 2020 01:31:56 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=22f46c9a4f8b5f771fbaf9359f9f1da9474a5f5761585ddc0974ef0105db1c62f4cb09cee1a4f8eb&person_id=3613665845468725263&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5afe7577-521d-4d74-943b-f7f44362a2cb
https://ml314.com/csync.ashx?fp=5afe7577-521d-4d74-943b-f7f44362a2cb&person_id=3613665845468725263&eid=53819

43 B
312 B

77ms
77ms

Image
image/gif

54.77.58.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=5afe7577-521d-4d74-943b-f7f44362a2cb&person_id=3613665845468725263&eid=53819
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:31:57 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 01:31:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=5afe7577-521d-4d74-943b-f7f44362a2cb&person_id=3613665845468725263&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 08 Oct 2020 21:31:57 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665845468725263
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613665845468725263
https://ml314.com/csync.ashx?fp=857a3e788c7ab5af735696d8ea26bbb7&eid=50146&person_id=3613665845468725263

43 B
312 B

80ms
79ms

Image
image/gif

54.77.58.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=857a3e788c7ab5af735696d8ea26bbb7&eid=50146&person_id=3613665845468725263
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-217.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 21:31:57 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:57 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=857a3e788c7ab5af735696d8ea26bbb7&eid=50146&person_id=3613665845468725263
cache-control: no-cache
x-server: 10.45.15.199
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

0
344 B

65ms
65ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=r8hrb20&t=gif
Date: Thu, 08 Oct 2020 01:31:57 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 2682.js Show response
script.crazyegg.com/pages/scripts/0021/ 3 KB
2 KB 17ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0021/2682.js
Requested by: Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?445033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b76b0645873cc7483c348bf007931e8a0dc7a66b9edee5df59d3c286f5bc3c9

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.118
age: 203474
cf-polished: origSize=3447
status: 200
cf-request-id: 05a76f2b15000063d1b2960200000001
last-modified: Mon, 05 Oct 2020 17:00:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5dec1af1bd6463d1-FRA
cf-bgj: minify

GET
H2 200 lounge.d70637fa1c39d358d2553bf476f09a98.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 32ms
18ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.d70637fa1c39d358d2553bf476f09a98.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 190089
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 22103
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 20:15:50 GMT
server: cloudflare
etag: "5f7b7ef6-5657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76f2cb1000005c818287200000001
accept-ranges: bytes
cf-ray: 5dec1af4498905c8-FRA
expires: Tue, 05 Oct 2021 20:43:43 GMT

GET
H2 200 common.bundle.e07f4f02bedd02259fb3f3e092970560.js
c.disquscdn.com/next/embed/ 0
88 KB 32ms
18ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e07f4f02bedd02259fb3f3e092970560.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3359499
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 89940
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Sun, 30 Aug 2020 04:13:44 GMT
server: cloudflare
etag: "5f4b2778-15f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76f2cb1000005c818289200000001
accept-ranges: bytes
cf-ray: 5dec1af4498c05c8-FRA
expires: Mon, 30 Aug 2021 04:20:17 GMT

GET
H2 200 lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js
c.disquscdn.com/next/embed/ 0
113 KB 25ms
12ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101008
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 115097
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 21:17:56 GMT
server: cloudflare
etag: "5f7cdf04-1c199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a76f2cb1000005c818288200000001
accept-ranges: bytes
cf-ray: 5dec1af4498b05c8-FRA
expires: Wed, 06 Oct 2021 21:28:27 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
8 KB 1291ms
49ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:58 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 27
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 7281
X-XSS-Protection: 1; mode=block

GET
H2 200 bundle.c1414569ae0d48cdd8c614158295e905.js Show response
vue.comm100.com/js/ Frame 6373 1002 KB
243 KB 59ms
58ms Script
application/javascript 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Requested by: Host: chatserver.comm100.com
URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1362203
x-powered-by: ASP.NET
status: 200
content-length: 248284
cf-request-id: 05a76f2d2700001e89900eb200000001
last-modified: Tue, 22 Sep 2020 07:08:27 GMT
server: cloudflare
etag: "80a7d2baf90d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5dec1af50a5c1e89-AMS

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 1628 0
0 1148ms
163ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654&t_d=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&t_t=Ryuk%20and%20Sodinokibi%20Surge%20as%20Ransom%20Payments%20Double&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

Connection: keep-alive
Content-Length: 2712
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 10 Aug 2020 08:03:43 GMT
ETag: W/"lounge:view:7840541092.f953e7201cb605d947e32d8d907343c3.2"
Content-Encoding: gzip
Date: Thu, 08 Oct 2020 01:31:58 GMT
Age: 4
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 34ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 34ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 223 KB
24 KB 201ms
152ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477744315043485&correlator=3203459769100874&output=ldjh&impl=fifs&eid=21067686%2C21065725&vrg=2020100701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201008&iu_parts=4444691%2CBIS_TOP_728x90%2CBIS_MID_RB_300x250%2CBIS_MID_RB_2_300x250%2CBIS_MID_RB_3_300x250%2CBIS_MID_RB_300x600%2CBIS_MID_L_180x150%2CBIS_MID_R_180x150%2CBIS_MID2_L_180x150%2CBIS_MID2_R_180x150%2CBIS_TEXT_1%2CBIS_TEXT_2%2CBIS_BOTTOM_728x90%2CBIS_MID_728x90%2CBIS_Interstitial%2CBIS_TOP_320x50%2CBIS_BOTTOM_320x50%2CBIS_MID_320x50%2CBIS_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C417%252C472%252C462%252C506%252C409%252C93%252C40%252C431%252C421%252C427%252C560%252C467%252C428%252C399%252C444%252C476%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1602120717&dt=1602120717690&dlt=1602120714105&idt=3556&frm=20&biw=1600&bih=1200&oid=3&adxs=615%2C1025%2C1025%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C587%2C4268%2C-9%2C2189%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C8452%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=606436291%2C592806581%2C4037182823%2C700692632%2C585369811%2C2214922354%2C1142555781%2C3687202745%2C1536889060%2C1397140349%2C824892936%2C1158310571%2C1554130010%2C3082656849%2C1657167512%2C3519266287%2C3120678580%2C3463778582&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&dssz=76&icsg=52776541529087&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x8088&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1570x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x64&ga_vid=1170441872.1602120716&ga_sid=1602120718&ga_hid=596566399&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C644%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

abef9398dca2f3d895e72a6f78da7b4bc4e73449dac66e73ced1d384fdd36a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23214
x-xss-protection: 0
google-lineitem-id: 5488910567,5488910567,5488910567,5488910567,5488910567,-2,-2,-2,-2,-2,-2,5488910567,5488910567,5496550240,-2,-2,-2,5488910567
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324823776,138325040833,138324818846,138324803771,138325038508,-2,-2,-2,-2,-2,-2,138324635928,138324803684,138325569944,-2,-2,-2,138325244371
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame 6373 996 B
888 B 735ms
734ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 01:31:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 548
cf-request-id: 05a76f2df600001e89900f3200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5dec1af65b741e89-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9DC9 0
0 56ms
55ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhcNocaVCeDK2CAHp94Jn7TE3sq3r8bUI0pCuFz9Y8jSlhMUHQxN0qU00ikK61Y13lABicDkqyV4_ZTvnJ1suvIZPNOyhHWZXKKNN0z3qWM0FZPpj1vkOaP9Ub__p8OvJux0slvIOynZQqo1gVM7OPZWRRwxHnxeT96a51B14DxxZzVrInFscAuPLpGmqoSqCD_t3hH0biA7Q-LeYgBTrICFmpzxoRNcOoIWs4UdQlpnR3jY6kAsewOMLPLsyA6uoFLdRT8PMhpsEuKt1IhJQ&sai=AMfl-YQTUrFVx2Zc8xmPfaxrsYtbapmQvYPm-sHAUi89MDvmLBGTQaUZr816MvN-au2mrFYbigFZsVW0kYvmz3rdU5vqMsR6sexs5RsIwfTprVSMEHEM9C78EwIWRMHhi4g&sig=Cg0ArKJSzJ07fuO7236WEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 9DC9 18 KB
8 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 9DC9 3 KB
1 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DC9 74 KB
28 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9DC9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaTPpA5bOLT7iEcdCGTFHzYCsFI_ncBLufhIFppyV4xki-MCuwI4Ke01YvK-hd08K57MjS
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 10263556362713807800
tpc.googlesyndication.com/simgad/ Frame 9DC9 85 KB
85 KB 34ms
18ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10263556362713807800

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92c893c4ece255df40dc0658343e3b3f191da535a38aae50852ed6608cab64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245323
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86923
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 17:30:42 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80A0 0
0 53ms
53ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEI1QN9I1zWLQ3nLKIuKv8kzLDIV_1OCCyt_aUViuNisDtCy-Gy2RpxuChxHDnTGe7jX0Gd6dySLmB2RdXUH3yrOuc8aXZQFRih63ul0qxMR04DosqTovYE70CZ_oqsxmEOGt5hXJuw3f3Fvs8x9buGxfmQM_4qhVC_NkA9jiHcZO11yFIFoQJ4BVua5ymD3F2bMCVW1RGJWOR3G6VyJqmA9-ExweewA96a2BWbOuE6zr_x3dLFMOOYOTgdrCmTbY559UeJzt5FfYfsPZM5_ijFd3j&sai=AMfl-YRIkk9QP3dpAI8u_XpLuIzeYqsfe9CmpKequtT4DZFFD1n9Fx6BhDeowBRX3hzZHk3ILvQXKBvwCyIqyXStRLayoOu1hF7ul2D6WStkUv5WPfFByKzYuplRIX1Zu5o&sig=Cg0ArKJSzKiNuEA86IucEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 80A0 18 KB
7 KB 28ms
17ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 80A0 3 KB
1 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80A0 74 KB
28 KB 36ms
27ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 200 15546947360494861944
tpc.googlesyndication.com/simgad/ Frame 80A0 125 KB
125 KB 42ms
31ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15546947360494861944

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b876145950a32bf33e85c949aaf29db47402fbffd0f3a969e45fa83b58ac9c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245323
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127690
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:38:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 16ms
15ms Fetch
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=bankinfosecurity.com&host=www.bankinfosecurity.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22C3 0
0 67ms
54ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP5eLIyX_h8a28FtTivogp0kq8PTnjtepDnT_QitbGRQOQFWtCrd4n6Fio7QES4XxPNhLK9SEkDXahJ7YIJkN2PKZH3sjf9RpvpFUPlPjBatUQ3nsNPdJMzbdKkpM9rll9ay5PorQa8eVqZL5BiW5YF5NWolA9X_8Pni390JQvH19bET2Byhp41HeiAybqMz5dTG5a1lm2p23eQlUjsxNMV6tgZHOJRBN4bE087Goqn6q0UFuh852vbp378CxFZHzz7tD7MjGnhXxsI99YAjK98JYw0dg&sai=AMfl-YRrqUrD9We6QL4s9IbpkvHtyMSE4W6kVE4yUfRmIx_ei7Ojr8pZ6MTJCNy3YMnPXZNshAuKoENqRCMYQSxlwP-nJZyXITege-FMR3ddsq2ZGD_wM3kqRFS5daA-69A&sig=Cg0ArKJSzLYnaPwYQAwfEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 15546947360494861944
tpc.googlesyndication.com/simgad/ Frame 22C3 125 KB
125 KB 22ms
19ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15546947360494861944

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b876145950a32bf33e85c949aaf29db47402fbffd0f3a969e45fa83b58ac9c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245323
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127690
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:38:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 22C3 18 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 22C3 3 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22C3 74 KB
28 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD6D 0
0 65ms
52ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRv0XokEcJPeGlngVaN0vG1C06ycca8jcpk-c5Nab_1ryWlzWkZvd3P-BQjafGRSMFEXhhkl_4yNZd-6DmkT-aPbqjTBOrQ3gcqitY1wvn_KnupDI9wMjGNdq7cjChavqfFsaFHf98MgmvfBgbrh2YgV46dqzq_L0BnaXysp4yzjXTuR6lzs5QWGfrbNWrKhjoeiLUrG3PbL2fUpZMI1i6KyS3x5fA2Qc36I6cLcO2TwTU24LFafYMFBp9TWjdbRZycF_gWEC6GElVkQX8UXI45ggE&sai=AMfl-YQjSOd4NZiklR3YYn9g-nmA1aXZ7ZOlYdQMLekkPH1F-k7WSzQmEl7pYQsa12d4YTQF_ADbF0QhCzZyW9pBDN9WXhs_aumax41wjcYfCPyjrWynPH0seTHQoC_5-HQ&sig=Cg0ArKJSzG76zRF_fiTyEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame BD6D 18 KB
7 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame BD6D 3 KB
1 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD6D 74 KB
28 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BD6D 0
0 58ms
21ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYFPQKFQgS-8fLuP1LiVYsaf2Jk7PLLElnF-jIm3s__fV9NgdlOxrTwL_h3UKdwU5IeZH1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16931159853215764700
tpc.googlesyndication.com/simgad/ Frame BD6D 61 KB
61 KB 29ms
9ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16931159853215764700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c94fa29d3b37f82784d105b9589ab49df1abfc4bd944c1439ed948dd702c7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 12:37:31 GMT
x-content-type-options: nosniff
age: 219266
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62268
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 12:37:31 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBC6 0
0 63ms
52ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIc_aS4TSg4qQ6m7925MVv3R8WMZz40CyvG2So3dyNr3qQg0qdzd_rNnS3X7nTeXcNwQd1u7Aguc4sxnLp6ydTc6siR7lmYM26mhl2iiv8y7nQjHEeO5hOQvV1Y-WILtsrZ48NAKp4R9BUegwM-PGM_8ZHPWfPiI1B5OoDCrGqBtUDnSx_Nu7yIqBAsfF5rQZXeAUBDgJqRhPNHWcKyiFcPEbu3XGfj2bIjpG1y7LPqqxRjtouUxY1fl1sVqkvtCm4LFxe0_bhHET7g-IPBmIdNvo&sai=AMfl-YQtzuMpD01vQQdjSGiMnzOrBJzuEp6bNTq_N4u58SPI_bsl5ov6myqf9U8W5rcMpLbK7fz_N01_7VtMrWV4TvePg3N3x28HeVpEZf84BDMbZjYfG-k2ccvBhjQPsAg&sig=Cg0ArKJSzGdS_nFJ4lMNEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame BBC6 18 KB
7 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame BBC6 3 KB
1 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBC6 74 KB
28 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BBC6 0
0 54ms
22ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToPSI6mwAi7PJxZIttu0rgtZE9PLs2gYR5gvxPYDoKvLv8vOIuqfcru-PLNgpwfYwtq55n
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7614917863318880450
tpc.googlesyndication.com/simgad/ Frame BBC6 90 KB
90 KB 31ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7614917863318880450

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2dafcf75177e09b7505be612ceec9add31f1b0ebf8c8f196d38d73ef2172f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245323
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92246
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 14:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 203C 0
0 63ms
52ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuWTFc5xiFrREPHGFvmHonVfMmFP-IpA1ZSTFxIzm3fH5uNwKBdjNVegMWKpM15K_TqadHOk6NQhracknuIISue9lZRwSFRUkkg-lZENczEex1fQQwt9nGGZqQTZI-0xf_mB4cTvnCJ0wGvFW274ZPitt4d6klDxHam8Z4qpkrTIZzRlO5HafKXh9UipaBQ9UPbz2R202kxmsGf6ODeEZGMR-OSeECkhzMkvCDcSvwlCRlaIaLcowZnbItB66cLpqcuJIZIJxNTpLEVlpZgXLM5A&sai=AMfl-YSpF41Pt2DgfKjOuGfoWyp-N_EzRIvwCef9CFVLIDFqzvfH5nMhoofEWnKEhXJHTEFo6URdkJ73RYmnOX2SuBlQI47O3h_4tk-Wz8hphflN2yaoDV53wP4jytE-EEc&sig=Cg0ArKJSzJCfSImkBFzrEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 203C 18 KB
7 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 203C 3 KB
1 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 203C 74 KB
28 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 203C 0
0 49ms
22ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBWJvwzO7-9efP0ek8MiBzqJd74pSFUhyYJUuOSInCFpB5AYi4CjWl0q4_RXMkfU06ZQiX
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 18364637846577120327
tpc.googlesyndication.com/simgad/ Frame 203C 73 KB
73 KB 28ms
9ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18364637846577120327

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 11:08:49 GMT
x-content-type-options: nosniff
age: 138188
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75103
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:24:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 11:08:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C258 0
0 63ms
51ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-VE1yEUbTVFmnu72roDA1xTMpAUd_4zgTuLtBOPMO09VuPcBNXnZoNT-AaoOOHN7cajbFu0N1_g2ymKsUY0IrucCtayfzMlBv2TmfzEvJ12V6X4jBQVUE2fG8c5t3hpdQmTDAf7oS9q-tUzc8gaWwfxmxmh1eb-p5IVR8EignkogIKRqLocbJNzUWZ5wiGmi7CeU4crUDxzcuiD21Z3wxheCnjjOryl27k5VELZHA4Bz9T-gToy3EpMaESMpRqUJUseVk5YxsIhFCZkY&sai=AMfl-YSRVkzCgJcWQskoVQzdG3ef75QyWTV5GpBD8Q8MXdRIxdrkDythQR61fCuadbG5ailsOM9GqGAWtU6imnewxkWevy4Lp-_LkYM7dyUJEA8yxg14GCYgi6Qwypov-g4&sig=Cg0ArKJSzCThldfIQx7wEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame C258 18 KB
7 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 4444408978987076335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 16:32:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame C258 3 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 17:24:45 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C258 74 KB
28 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C258 0
0 45ms
22ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSE8xal1Mc4jf-tvyYOBLHeR1gl4X5mYe7lYWl75WFZ9AdryjXGc87OEja5Sw0pIfrr-kXK
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8328986240128410704
tpc.googlesyndication.com/simgad/ Frame C258 7 KB
7 KB 24ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8328986240128410704

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf700ba5224dd4f3d1267daa6665215dcccc63b68589ea33b7349899561a686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 05:23:14 GMT
x-content-type-options: nosniff
age: 245324
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7066
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 19:06:42 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 05:23:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80A0 0
21 B 52ms
51ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8_KijM9VljavfpS9EYPD26YW_vLO_ap1AffrQbNUCT0cl5iIK6sObYT1pzsZ5uMN4RXcwGSWp24NHGU61J4Eb1GzBRIS8-n0d-L7gGhriIqeypFb5SK86FiwLw44RaESpUhD9Io0uIJmWqO8KJbgE8VOPIMyqzSiTYqgYpW_JqtuQa4UBiXcTxPsOLcpytXE0b-5oR0q5nhRloJ-_ayyi_NaUEttUYzLedbaxtUgbrzefZ11XAl4gI6TkZopeJ_cna2wI4z_9BKERV_z_CO0qtweU26k&sai=AMfl-YTlGP_OQRnVEJsVh4MOOMcWMXhPteMyPNrz-zuhdWrQaG6ZT8GqEYRhVjWS8JcjdRRgqPqClMhj6JMN9Kgt9Sp951AmSyewjo5yTOO2XanLTcWpuMHAaS9sUpfPyHY&sig=Cg0ArKJSzE98kUhZjIRPEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80A0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a1e6914863b6e8b235cebb1e46878dacef14dc821c61a693dc1f2012d31a1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9DC9 0
21 B 53ms
52ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX6b1Cifjsd4mXGnqNtB5AMfbyXL3XfC46odbaZi3ErZQNZn0yzthCohCdHbIvh16VrYDrhAbvmM8Q81juLexUiqcpFb2E0sNBuRxlVJSpHtYF6cXNwpPaG5c7nPA4mt9O8DFHbGmkHi6ik-ShEeOff8FuGKc-5ebojhuMHCDKIqyTWM2b1bxDFMOY7caJsyiC-frgw-YzjqWA9jfhkGB85aWVkLYa3VT9JWlaJoAzH-aFD7YJt0qT9YPSi4geVzg9E1Nd7dMmiwzaeYrMj80dZQ&sai=AMfl-YSx5k0LPxdz2of68KhUIdDARqGdWrVrxx-FrpnKDy6td1KJLgtiyMjV1QBC-RkpuH3PIy4l5Aa5iEEtOEVU4Pd_H6Djl1JlAoxekKDVdJKaSAWMpq7WTGlYwoJTlas&sig=Cg0ArKJSzHnvbM4fi6QNEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9DC9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fd5bb4f0b1000cfdade1d1bb5288bfd5e1b2ddb42809982f551825ae3747fd2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22C3 0
21 B 52ms
52ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMPiQfy3QEH1qKgrNc-eezouwjI60VOSUAfTLIW_61XwDGcz5Sk60G1L7bky1G8jvihXM7W-coYCBtfUA-Sky1aTov2kmD9nqWKurVUN2Rd6vB2Jgp-4WJl8sEqTWK_VyloecIDrBoUTbCd8GcQRD3ChzXVwqc6gnxFjJQzpB9Bc6darCeee-vChkfNOOmFekySxsN899YKV8OKh21fSBhzc3Mbqj42yNd5CqJDRR87dIhKx84GG1n5RiU6iG5dOSvgovKh7ZFIeMUMcAvgm5dcZGzxgxPJQ&sai=AMfl-YSS1gihm58CPpXHDC9FviEMlHJtnp0Y1SKcT2L1JJYv8AlDeAyRMibD32X9YpJ30s769LkvR6jT_bElvLT82tX2PRvFo5cyehRypj9aKZl_T1pj6gLsOklGiKWXQpw&sig=Cg0ArKJSzMi8PQJIhbyqEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 22C3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac67391ea35b2777dcbda3ab60eb7a2dd809f4c9054a63e53cbf9f2688cecd4e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD6D 0
21 B 52ms
52ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxAw0906qSWZgDWmbBHbZ6tVuSYioUI5ziVG2ffWHa00we_JahA1U1iefkL5I0SSQzQCnIDk0He4PlX6EhCwViy3_cSD7KddbxkGM9GPQQq6GebvSX6CWlC9Z0dkT1JiAnCxUanVas_7cRgU5Dewgx31DGs_KWYEhytg6MqzBb6OhLGRXlWf2gQaxrQzq1tSVBsewFD36m4Eb2FYcdF4NUCLm1OAG_MZxXHTttgH-H4fd4QIXktoEbtrK578zIXyrH2g4iDT93N-NpBY0D41k4YCpbDZU&sai=AMfl-YSTQE0nv2wkaRJpsGuZNQZoS82fQ052Z6aOFQoWgRkip7PlSzgDy3hUfOcZraQeLIAJLawtDALyRJmyWXFOjX5y24AaFA5otIBdaiId25XKiYn4ZiY-3v5g9C9gKh0&sig=Cg0ArKJSzC0TLmPboXu6EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD6D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0213d6ba620d7d2d0a56b0b2fbf8bee97103049f4cdebe1b7e4f787d224f432f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBC6 0
21 B 52ms
52ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqC5oGr5qLFjJ2nquS-CrVHbPkaiHQ8QVrqvmpiC10ug2M7aiaaabrkDib7o6Q_3WgnQe9c65stBjs3EH6w38PWyM6EY2vVkO1SopytQZItTsqLhkaMGobhhemfcqFKXc66zdcHJr6lhUaiCZ5pmIW7TErXIE0vzENzmoR48fVU0QOXsnGOj8I4RZMTL-3dXm7O4C-qxIR94_rWFut6iEE7fiIhLeALSRp4iZvZWjA-FfRscLsFaZIPcTTGb0rvhkUSRKm0dz59QFDh5LCLTiNpzrh-w&sai=AMfl-YTmh72dMiPPqbyEGOWSXAOYIDPSI823grCthk0wf3GT3052mwDlUSxw0z2yNpdVANKAHCPkrjmj7iHa7iKQkHhWMHnkSE4__LTksdFq4dK-Q109pzsEJxK0P5yvd_g&sig=Cg0ArKJSzP3Eo41Lrl_dEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BBC6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18d1509e3dc50e29a6b2f7abea1790258d79308c9ce70b87cef0643ab2539a29

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 203C 0
21 B 53ms
52ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstImt10883OrUM2j57wcl09CvdvxsVJ1c_fLdT1Blh_aIqYnHiBiGwLjgSLEFW-Lr1r3c6r-CuHrgV3LkJX6Jq764IwbouDHw47wfiH9KdLumzvLHIqGBjR3ORd5_fkSzydWoZd6julRjikyVYz61wOdQ_LytY2MHqo-wd3EdivTggrKQ4TEYtuMrLR4TowskNoiNS3o4pNh9enMiBA2bHDeUKVtBO74eQATkmcBbN9bOZ7WaqpWO9xrMh89KXnFy-kg9NzYAdxwElT2SjaD5-0pdc2&sai=AMfl-YS7CGbPI9Ow0Sjq9vivfhpdH5yEgx_YKVv6MWQzgrNfx2LthY9uK3sjKBsrev9kauBoAQCUOH7faeoMGutxPEp6LDoiMBTubDE0rkAvLLU9JqRp0z28eukLuJRJQe8&sig=Cg0ArKJSzGjT41q8mB3iEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C258 0
21 B 53ms
53ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvverTw7mQXlD2ALrHG_W6zhH27UYICDW4AiPVyTzyWE6goBwHcYh9TBa5JocipVqF6RQ_H5NHStsy0wqzB40wQ8zN3LFxPG4AiIueozsPDfYuDDFhj27vjIJ6v6jKSTYRkh34r0MMmlCRlFRcMsXF_KJlOAenZyh9xUNTPgqoBc8IbhlsaxtVyaPzFkBrJCE9tJUkttk1Xj6YNQSiJVt-SB2YtRe-ofIZCTrktQGxY1OtSAUK8irsQ3PIjVW1jZ6vvExB01KTaiJ69LnXT8g&sai=AMfl-YSXSzKDGMczLYNqyqyXaCy1Th_gsldGACoNqvnFjTX-hPVsZ2kGpgyn1q6_uyHPu8ALw4ISBOLucjqAzZ-B5JszZi6VXU_R-oKHkDMn5GVxNKqDzavMmstEiVgCv7k&sig=Cg0ArKJSzPNVnmxQlpK-EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C258 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 824d9aaecf4d135856a76bb2c792c11c00e60c6502d3272069b6240966fb5092

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame 6373 1 KB
1 KB 786ms
785ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef4989b87a5088ddccd1524cd17e30a91080ad977e151fca041ecb9b764c6dc8

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 01:31:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 725
cf-request-id: 05a76f30d900001e899010b200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5dec1afaff2f1e89-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 2 KB
979 B 170ms
170ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.desktop.r2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 01:31:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 595

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed5c9aa1cfcbf16ce5f17be4822485e52e1b70bf5eaa5d377623861bda7b01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 203C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 963a996b4f381fa89cf3d72ec1bb80c52397585911816e40eba321db4b6a11eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 164ms
53ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:58 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 107334
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1044
x-llid: 836b32608082433ef00ee2435fdc13f8

GET
H2

204

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7

0
191 B

175ms
60ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 08 Oct 2020 01:31:58 GMT
cache-control: max-age=0,no-cache,no-store
expires: Tue, 11 Oct 1977 12:34:56 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

status: 301
content-length: 0
location: https://pixel.sitescout.com/iap/64ead273d1f41aa7

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 08 Oct 2020 01:31:58 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 8B61 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 07 Oct 2020 23:00:52 GMT
expires: Thu, 07 Oct 2021 23:00:52 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9066
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0D62 0
0 176ms
60ms Document
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email

Response headers

status: 204
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 08 Oct 2020 01:31:59 GMT
server: AC1.1

GET
H2 200 dabbb58b17f5118e
pixel.sitescout.com/up/ 43 B
267 B 178ms
61ms Image
image/gif 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:58 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100701&jk=3477744315043485&bg=!fn2lfV3NAAWYAzhQmFhb_CL6zIXgMgIAAACBUgAAACIKAbPjnPBpf_EZdWfn0XrTjCKGMRkNK8G2OFuCH0mWuvLh0vNNuxJT9_zNvQ7kL6N7Cn7AhSebNaMlgX9gJBb-6A6fU7YfEa0wjiba6keMuiqgIvlWa_QYlZJU4hWWNvZr0anvz40fKMKT3XBFWc28NheNUDvdAPj72bR38MU0sYNRbroiFwmthdXM5qTCMI6LCk2ctQ0Zcum1Br1Z1jgMuSHu1hxBZ-PQ5f3rBYhH2dA4-JnZpvKLoDE-IBNRc2TsMQpo8BZWiO0oSJbo6gBVdKkJquckqdwroTipPHtsRHkWtdS_8bKeyu9G2l01Hzd9UpctOH-Bk7QaZDd23ccFVFY_IukZFN1QuRuOZ2Kf4yztep_KLNtVmHV3aStByANFI8MgtQ-E8GCwfwCsezQGMdQkKHiZklBlhl3vu0HPcjF7I8HLjmnDEyWN3kmDko4DXLnracjZVWnTDQuneuozLRphNCe3hvG9IbDbdQj7WIz1RTgVmOumBTd7rl5ZhDhO7zSe9uJkJoBj4QI0xQwpqCjRHka8BR9XxwHGEzjgEEttgS0iKjqAlucBMeIfRNJSBCyRBPaZAbEPgd_FA4hjCz6DTQSzIK7Q8EFJXmlepSQGvW4S65qucxGv8dZQLKfbsz0Y7uELZxknflQP2meEyCZDV4QEWMh_FNq8y3lmR1uGCUKL3w7Pj35IxFWaQq8yogfnvWb-OeH7t3pktg9WZ6mjXS6GIxnUFUweodLt9QQvXYxu1wccqwuoqnOqaj1eJI2rLxB5DIB444uMs_xLGdXNxt1ktXJs_KNNIy45UbdD63m_jNGad3jmq15QDyqUs_LEf_zeI8Hycy05ELNGaU3M-X_3ayIrHr8Pw13yNxVd5j33qu2Mzxb_8NEM0ApyBJQZ7-RgbnWRvr1qS7ttXBzKNL9x1cflWy_DWzBufcCe1k55ZQ999K1AYuTVVcGN-ancCpWnBHjHqpUumOV0yGrzLcK7FPXgZ7hl35ArUW7l2Ry3t7H--4lUvmsnnOwRW0LvBJtkE7fN6N5Z7wBZl40bGcatQSUT0zxrCZJR2MtVfkSaGqDAqEUep1ae6rddrbFitj7K-s7SMFf7_oN6pj2pedKstnJFWPKYeG4xLN4y-9gXqNceb3PC1oil0VOs_GpPbGFLgpI4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 80A0 42 B
70 B 14ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIXmR3_C-TehApCMesAlu2S-MWASdRXmeeqR0DmSQ78ZYtMC8wJMNILhEULPl5U4ICe1zQdTJM8us0rJcCcD7Ucr7wz45WSMyS7Q6U6PU&sig=Cg0ArKJSzOsXfQKXrjtuEAE&adk=592806581&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=587,1040,837,1340&postrxl=1&mcvt=1008&rs=0&ht=0&tfs=123&tls=1131&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=73&md=2&btr=0&cpmav=0&lm=2&rst=1602120717938&dlt&rpt=189&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1127&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9DC9 42 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuByrcr0gI-w7AtFInPcvbUjC0uJFy9gQ_FN_UdIEsrkg4tEuG72ntxdEC-UaWiVBm5LxIQw2WKpOEuUDjI2SIY5WysPNuuHYzcpZ3nqjA&sig=Cg0ArKJSzFCS4K1Bn0JaEAE&adk=606436291&tt=-1&bs=1600%2C1200&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&p=71,636,161,1364&postrxl=1&mcvt=1026&rs=0&ht=0&tfs=113&tls=1139&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=99&md=2&btr=0&cpmav=0&lm=2&rst=1602120717936&dlt&rpt=192&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1138&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C258 42 B
65 B 14ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH1tkg9seRc5ktBsPiy-YBce8o-KegWhtvsODEVPHnSwAAcb8zyDVVqwSFrndWsdOMGJFBuzeBRQsA8RGZ_SrSyWXeoe3w6g8NaXQMPFk&sig=Cg0ArKJSzDZJK3s5NoPxEAE&adk=3463778582&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=323,754,377,970&postrxl=1&mcvt=1010&rs=0&ht=0&tfs=103&tls=1113&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=24&md=2&btr=0&cpmav=0&lm=2&rst=1602120717984&dlt&rpt=141&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1112&is=216%2C54&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=216x54&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 campaign.ashx Show response
chatserver3.comm100.com/ Frame 6373 6 KB
3 KB 835ms
734ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/campaign.ashx?siteId=92035&campaignId=1275&lastUpdateTime=75567E86D28614B61879350BF24B10CF3D5F2F97D558627059BACCEACEA691D0
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 01:32:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 2617
cf-request-id: 05a76f344e00000c0562267200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5dec1b007e830c05-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 203C 42 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuH1LZyHtGBb5OW97n7ylmvY7iERnn2F6qxp3pA8fCBt-2pctl5aVn2oWb_lP7gFkJjJdWVwSbuONxgJp2T7HKJeLxxJAXTTPV5H75k6Q&sig=Cg0ArKJSzIZJxWXX7g7PEAE&adk=3082656849&tt=-1&bs=1600%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=168,480,648,1120&postrxl=1&mcvt=1007&rs=0&ht=0&tfs=714&tls=1721&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=3&niot_cbk=30&md=2&btr=0&cpmav=0&lm=2&rst=1602120717984&dlt&rpt=139&isd=0&msd=0&xdi=0&ps=1600%2C10154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-18-2-17-17-0-0-0&tvt=1720&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.bankinfosecurity.com%2Fryuk-sodinokibi-surge-as-ransom-payments-double-a-13654%3Futm_campaign%3DEvent%2520Promotions%26utm_medium%3Demail%26_hsmi%3D96683910%26_hsenc%3Dp2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw%26utm_content%3D96683910%26utm_source%3Dhs_email&r=v&id=osdim&vs=4&uc=18&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654?utm_campaign=Event%20Promotions&utm_medium=email&_hsmi=96683910&_hsenc=p2ANqtz-92TXoKqlHjmudE99gEZGoLsosiEF6kaSzE7k0IOuE9s5Qz3eO7lBbHqfdo_ImHAYycauKO3DHwnd9nd1xmwAdb49HWYw&utm_content=96683910&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 22:32:18	Name: uvc Value: 1%7C41
www.bankinfosecurity.com/	1970-01-19 13:02:15	Name: PHPSESSID Value: 2ferh50rmr12fvj2ucovu2v5e0
.bankinfosecurity.com/	1970-01-19 13:02:00	Name: _gat_newTracker Value: 1
.bankinfosecurity.com/	1970-01-19 13:02:00	Name: _gat Value: 1
.bankinfosecurity.com/	1970-01-20 06:33:12	Name: _ga Value: GA1.2.1170441872.1602120716
.addthis.com/	1970-01-19 22:32:18	Name: loc Value: MDAwMDBFVVBMMTIyMzAxMTk5OTAwMDAwMDBDSA==
www.bankinfosecurity.com/	1970-01-19 13:02:02	Name: __atuvs Value: 5f7e6c0b550400af000
.bankinfosecurity.com/	1970-01-19 13:03:27	Name: _gid Value: GA1.2.1496376715.1602120716
www.bankinfosecurity.com/	1970-01-19 13:03:27	Name: _advert Value: false
www.bankinfosecurity.com/	1970-01-19 13:02:04	Name: visitorip Value: 194.99.105.99
.bankinfosecurity.com/	1970-01-20 06:33:12	Name: _mkto_trk Value: id:051-ZXI-237&token:_mch-bankinfosecurity.com-1602120716477-84563
www.bankinfosecurity.com/	1970-01-19 22:32:18	Name: __atuvc Value: 1%7C41
.bankinfosecurity.com/	1970-01-19 22:23:36	Name: __gads Value: ID=0b05311dd9c433a9-22c85c9cf4b80023:T=1602120717:S=ALNI_MYFr1yIrb1WJOqcoEZkA8N0PN0__g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
051-zxi-237.mktoresp.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
139c7dc2c025f4ebdd6719717994e1ad.safeframe.googlesyndication.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
c.disquscdn.com
cdn01.basis.net
chatserver.comm100.com
chatserver3.comm100.com
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com
disqus.com
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
m.addthis.com
match.adsrvr.org
ml314.com
munchkin.marketo.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
platform.twitter.com
ps.eyeota.net
px.ads.linkedin.com
s7.addthis.com
script.crazyegg.com
securepubads.g.doubleclick.net
sjs.bizographics.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
v1.addthisedge.com
vue.comm100.com
worker.ismgcorp.com
www.bankinfosecurity.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
s7.addthis.com
104.109.95.62
104.130.251.6
104.20.4.43
151.101.112.134
151.101.128.134
172.217.16.194
178.79.242.181
192.28.147.68
2.18.233.88
2.18.235.40
23.210.248.44
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:a913
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:816::2008
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2008
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2001
2a00:1450:400c:c00::9d
2a02:26f0:2b00:79b::3adf
2a02:26f0:6c00:28c::25ea
2a05:f500:11:101::b93f:9005
3.127.178.105
34.120.207.148
34.202.64.133
34.246.29.23
50.56.167.254
52.48.248.240
52.50.67.81
54.77.58.217
66.155.71.25
99.86.245.163
0213d6ba620d7d2d0a56b0b2fbf8bee97103049f4cdebe1b7e4f787d224f432f
0273cea605469c2e3e4db89ebf24d34bf787b777fa23ac05cc34462eacef8bf0
0403c515c5536112b5861d54cac246d18459deda44b39a5a2c5df9de61fb1d31
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055097971005ebe69e878dcac676ffd374023b00105fe44f9eacab592125d26d
073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab
0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c
0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
18d1509e3dc50e29a6b2f7abea1790258d79308c9ce70b87cef0643ab2539a29
199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8
1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0
1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e
22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be
23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221
247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
28676947b76280b0cdfa4db3d6a2e4709230eb258b557dd9bb74c3018511a95c
29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b
29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2fd5bb4f0b1000cfdade1d1bb5288bfd5e1b2ddb42809982f551825ae3747fd2
3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61
35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf
390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb
3b7d6d0424c30819e0b26d96c8b56b8e4676ac5d653068ff62bb98eca8996ffd
3bd0b92cc518315c75682e4d5224b205a2342a9ef0211f691b75e7ea53ca03a9
3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
498fca4d26545e4c880c6274f52fa51fe3969ab1e00adb93b8bb0758ae0bb6f7
4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08
4b76b0645873cc7483c348bf007931e8a0dc7a66b9edee5df59d3c286f5bc3c9
4bb5458a327e2c07911e9c3a33615af83428c2682fab4abc0a691154440801be
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4c94fa29d3b37f82784d105b9589ab49df1abfc4bd944c1439ed948dd702c7b9
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac
4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
52b6282ec22c7e5d1e7053d40b0bf220227931f84ee7a2504cbe29f63581e25a
532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f58cd7e45b2163d52f7c4f5ec1ff75b21a8e58a7b646da8236bccd95d16f65b
5fec84428e2f011dcfcafc98d11e591d983959534aa6e668f56f4ef00854af79
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127
6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6
69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d
6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5
6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
6fbbe23fd5c7169008f0344223770976f0284da565346d05f27c5d962c536d57
6ff6fc40d92ba4d4853b2b4eda1bad70484a85cceb9bb371d6430b0445d2d944
73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b
75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058
7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7f59c27c1725a063adf2ea814ff0a1e3425e732c4cb7ad0baea3ddae5b721085
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
80b3a7b8fa2f7513527e5cd22e7674136d237c8382debb79fd57acd70896ea6c
80fd85cca67700fe2c9625b17a9c4117e34b2fb7333b51458243c735fc485a2f
82324d6e0d49fe77e37cb93a805f932eebee61dd336556b374998491bd335c2f
824d9aaecf4d135856a76bb2c792c11c00e60c6502d3272069b6240966fb5092
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d
8787b1d280fb289b404d137a9439b0006ad3cd612b0a346292dbb541865f5599
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8bca57519350180478d4a8bda6c1e2d99ceec3257e484459055119da25d71aa5
8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17
8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e
8e60fab2e2b9c19d242fec6e050287e77a856131745637ba776d3e6a3412023c
8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b
924dcfe6255f19e5879a4f2a4cd0926789ea50b83ccdde5321687a6184a0b1f0
93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60
94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e
95a98f7584b41c7846eca27c8c01226384b9b8cf1dd80451e05e39ed0ea23e95
963a996b4f381fa89cf3d72ec1bb80c52397585911816e40eba321db4b6a11eb
970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d
9750103c66507cf469453ea879f16e643e70b85519bb4b7d7239916dd1676b10
98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46
99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa
9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2dafcf75177e09b7505be612ceec9add31f1b0ebf8c8f196d38d73ef2172f24
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
aa6bb99958c99668c815297194ee751e59e73141765c5a41e4d113313bc0fb0f
abef9398dca2f3d895e72a6f78da7b4bc4e73449dac66e73ced1d384fdd36a05
ac67391ea35b2777dcbda3ab60eb7a2dd809f4c9054a63e53cbf9f2688cecd4e
ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b876145950a32bf33e85c949aaf29db47402fbffd0f3a969e45fa83b58ac9c67
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de
ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f
baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46
bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e
bf3b919c876674e37869a3b13b80331adeaab41c7bd1b748e62129ffa4dcacf0
bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414
c09cf4b6a8d7250fd79637fba66286b2b6f61582a5ae71894e1506d302e6cd38
c1fd1157140962871adabb2c4dcae806e3acadb8cd672a995c9a1675e963562b
c52f3c38bf700839dcc21a130b6a28cd5335c704482ea360a5125b6b53c3c46a
c5efe210aa092eb33013911784ca3b8e00aaff8efac48b9f3f189ed7b4607069
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43
ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d12f6cf7edbff2f3c822ab34097959439742be46dbef07aa645929594ec1f58c
d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac
d93f11b9b3c1c2e17e0ccfc61fbec9d56bc19b43afed81580b28da4abf41c3c4
d9a1e6914863b6e8b235cebb1e46878dacef14dc821c61a693dc1f2012d31a1c
d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2
dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279
dcf700ba5224dd4f3d1267daa6665215dcccc63b68589ea33b7349899561a686
e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c
e23cd6ec036d05a916661b49f4ecd66267741eaca34726213635cad53239c067
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e77aff24d02c37edcbeb68b5e565a43367436a996f37b8d8df26c8fa6a368805
e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a
e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6
e92c893c4ece255df40dc0658343e3b3f191da535a38aae50852ed6608cab64b
ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
eed5c9aa1cfcbf16ce5f17be4822485e52e1b70bf5eaa5d377623861bda7b01a
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4989b87a5088ddccd1524cd17e30a91080ad977e151fca041ecb9b764c6dc8
f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d
f0f87842d5f5ddd7b3c1f2ced30c670e494e075769cd798c1c81bd92831121ac
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af
f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963
f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6
f52831041e56692711b8cef37ed2b9efd1e7a57244700662956ba76ee75e37fc
f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

www.bankinfosecurity.com Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

242 Requests

96 %HTTPS

50 %IPv6

35 Domains

55 Subdomains

39 IPs

8 Countries

11072 kBTransfer

18041 kBSize

13 Cookies

74 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

96 %
HTTPS

50 %
IPv6

35
Domains

55
Subdomains

39
IPs

8
Countries

11072 kB
Transfer

18041 kB
Size

13
Cookies

242 HTTP transactions
0 data transactions