www.zdnet.com Open in urlscan Pro
2a04:4e42:4d::666 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Submission: On March 17 via manual (March 17th 2022, 1:18:53 pm UTC) from IN — Scanned from DE

Summary HTTP 211 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 24 domains to perform 211 HTTP transactions. The main IP is 2a04:4e42:4d::666, located in United States and belongs to FASTLY, US. The main domain is www.zdnet.com. The Cisco Umbrella rank of the primary domain is 40719.
TLS certificate: Issued by R3 on February 23rd 2022. Valid for: 3 months.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2a04:4e42:4d:... 2a04:4e42:4d::666	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:ef:... 2a02:26f0:ef:296::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.230.129.221 3.230.129.221	14618 (AMAZON-AES) (AMAZON-AES)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	151.101.66.154 151.101.66.154	54113 (FASTLY) (FASTLY)
1	34.120.203.121 34.120.203.121	15169 (GOOGLE) (GOOGLE)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	18.66.139.69 18.66.139.69	16509 (AMAZON-02) (AMAZON-02)
14	54.172.4.218 54.172.4.218	14618 (AMAZON-AES) (AMAZON-AES)
2	34.206.125.115 34.206.125.115	14618 (AMAZON-AES) (AMAZON-AES)
44	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.56.234.21 52.56.234.21	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	3.127.86.46 3.127.86.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
211	32

40 2a04:4e42:4d::666 (United States)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:ef:296::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.129.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-129-221.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.154 (United States)

ASN54113 (FASTLY, US)

at.adtech.redventures.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.203.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.203.120.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-69.fra60.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.172.4.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-4-218.compute-1.amazonaws.com

ingest.make.rvapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.125.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-125-115.compute-1.amazonaws.com

taggy.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redventuresgamdisplay60805146916.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.56.234.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-234-21.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

02179916.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.86.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-86-46.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	zdnet.com www.zdnet.com — Cisco Umbrella Rank: 40719 urs.zdnet.com — Cisco Umbrella Rank: 184210	463 KB
36	moatads.com z.moatads.com — Cisco Umbrella Rank: 329 mb.moatads.com — Cisco Umbrella Rank: 587 geo.moatads.com — Cisco Umbrella Rank: 553 px.moatads.com — Cisco Umbrella Rank: 392	742 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122	157 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	399 KB
14	rvapps.io ingest.make.rvapps.io — Cisco Umbrella Rank: 12411	2 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	234 KB
11	moatpixel.com redventuresgamdisplay60805146916.s.moatpixel.com — Cisco Umbrella Rank: 28534	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	111 KB
5	cohesionapps.com cdn.cohesionapps.com — Cisco Umbrella Rank: 10643 taggy.cohesionapps.com — Cisco Umbrella Rank: 30484	35 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	116 KB
4	gstatic.com fonts.gstatic.com	115 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	myfinance.com static.myfinance.com — Cisco Umbrella Rank: 10200 www.myfinance.com — Cisco Umbrella Rank: 9900	65 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	107 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	redventures.io at.adtech.redventures.io — Cisco Umbrella Rank: 23359	148 KB
3	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 545	52 KB
2	akstat.io 02179916.akstat.io — Cisco Umbrella Rank: 50975	708 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1460	96 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 309	1 KB
2	myfidevs.io a.myfidevs.io — Cisco Umbrella Rank: 11201	166 B
1	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1710	345 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 727	457 B
211	24

	Domain	Requested by
40	www.zdnet.com	www.zdnet.com
26	px.moatads.com
19	s0.2mdn.net	www.zdnet.com s0.2mdn.net
14	ingest.make.rvapps.io	www.zdnet.com
12	tpc.googlesyndication.com	www.zdnet.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.zdnet.com tpc.googlesyndication.com www.googletagservices.com
11	redventuresgamdisplay60805146916.s.moatpixel.com
11	securepubads.g.doubleclick.net	www.zdnet.com www.googletagservices.com
7	z.moatads.com	www.zdnet.com s0.2mdn.net
5	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
5	cdn.cookielaw.org	www.zdnet.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	confiant-integrations.global.ssl.fastly.net s0.2mdn.net
3	www.googletagservices.com	www.zdnet.com
3	googleads4.g.doubleclick.net	www.zdnet.com
3	cdn.cohesionapps.com	www.zdnet.com cdn.cohesionapps.com
3	at.adtech.redventures.io	www.zdnet.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
2	www.google.com	www.zdnet.com
2	02179916.akstat.io	www.zdnet.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	taggy.cohesionapps.com	www.zdnet.com
2	confiant-integrations.global.ssl.fastly.net	www.zdnet.com
2	bam-cell.nr-data.net	www.zdnet.com
2	www.myfinance.com	www.zdnet.com
2	a.myfidevs.io	www.zdnet.com
2	static.myfinance.com	www.zdnet.com
1	protected-by.clarium.io
1	3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com	www.zdnet.com
1	adservice.google.com	www.zdnet.com
1	mb.moatads.com	z.moatads.com
1	urs.zdnet.com	www.zdnet.com
1	js-agent.newrelic.com	www.zdnet.com
1	geolocation.onetrust.com	www.zdnet.com
211	34

This site contains links to these domains. Also see Links.

Domain
academy.zdnet.com
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.ic3.gov
twitter.com
www.mcafee.com
www.bleepingcomputer.com
www.dmv.ca.gov
content.govdelivery.com
monroewa.gov
thescoop.seattle.gov
redventures.com
www.facebook.com
www.linkedin.com
www.youtube.com
narratives.zdnet.com
privacyportal.onetrust.com
support.zdnet.com

Subject Issuer	Validity	Valid
*.zdnet.com R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.myfidevs.io Amazon	`2021-12-07` - `2023-01-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
at.adtech.redventures.io R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
rv-urs.zdnet.com GTS CA 1D4	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
cdn.cohesionapps.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
ingest.make.rvapps.io Amazon	`2021-09-26` - `2022-10-24`	a year	crt.sh
*.taggy.cohesionapps.com Amazon	`2022-01-28` - `2023-02-26`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Frame ID: 20D0C64FF34A29EC2057BF1A18D718B4
Requests: 126 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 6681D995A0D94C1B67869209016A5D60
Requests: 2 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: E22E6EBC056F98B5C83DAF50FB2C4309
Requests: 2 HTTP requests in this frame

Frame: https://3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12736DC700E2296840E0B8659A238065
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcD8pJQTkI4M1O0dSJb1AiKfw-1d6aSlQpGH0J8D0I22jRGLWTKM-IA8AaFWFtBdv4y_ZIdMl1dt_AapHbaQLjlFRbMhbRpJWKrQK05OwU0_j7SYSlG3UTyS_FAQxF6mSHR3S-V18ozKHmdgA_faLQuvAfFuArRSbLDSYx3NHu-6L7Xkq39lTGlFHK0t0SfvBwJfMKgybAmEZb2WkyMEMCq5LZkyTICUsSMjn-OxSJPjpUXdPioncljGJU8SVu96Ee65uEX7q1IRa5FvigzVt16hIpIXTEWvrvuSoErM4beo7SQsdm7bELSf2uBiUxjUj0MNtwDSa3rWnKn80gkzyADu9FwkLJhpL6hIm2DTK-Qq956dH7URwz_ns8XNLKX1Ck3TvAG3s8A6Vl72WEbyMj&sai=AMfl-YSfdIbDVG1kL63thbzIdZig8TMCsX8e5EYFWEa8Giw0xCPMPwBkC__myr9QeA-4gV2F-dLX_3fYtREwww-UPI6zDhuYa4soz71vV-gNiqp57qGtDQ0wHHaSNMek4F0&sig=Cg0ArKJSzP4Ogqi8hhepEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 8A8C908D2341C9EA346872B2B9B1C90E
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: E4D8B5164622BB14DD4069EA60E8E41E
Requests: 16 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6oESM8WXWkMoWnaK02j-oj5SSiVV3Tvs-VYFvKeK7kZoauZrDzbu9TBtraLnskx3UhZgUqZSU6hFIlDUbVpUEoG4622LcXsUBQri4EN16_FXnUDBvxWuDlTw46Bx77J_vdGG1e0SE_XFZTAJzO-j7gdbWpGxVTROgUZ_R0OiIdd2djhqCsp6lRb-3t_yS--tj74bMD9A2CM6XDq9oAPWuwUdERermb-GVKCxdlX6MOcOycsv26iRQEdhlFOROVmjrM3pMa2XxJaGkcxaaKtiYhZ6W05bCgYrWgRUhVlxxPwsFtezkbJWx_H8BH3bu0LAtyDg0wrPsC1AB5dhGPCaH8cOwd-rHiT5rAGxFV-tgk4wuhj0l-3w6x9I86WMlQg78qgf70KaeRh8ZbvxpwKXY&sai=AMfl-YQLAU8AOaZqju8f7kLKAZsHAzSvzt8OV0ZC0kY7soTXxBw0RBoZO4CD8kRf1kjY91NBXElWt_-17IujhT-GKO1KNnkHhLoV_bIoYLcThDn3_jYeoTvomUcYHVeTyfg&sig=Cg0ArKJSzBu7eR35spt4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 0E3ED40451A9FA6D68D9D008E28B19AA
Requests: 9 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGHBzrCkayFye_90mGszE7OitZf43AT-mukfuQhrjnttCpmIt7Ei73azVbkG0696Kl9AbXfGt49UkdLcnJB_HRy9qUl-X0_awIjUU1ILuonDOz1Vj9eYcg8PvxGftSfflMaN-f_mLfMdQ5MT_nkfySL7yadHfTp6HzNgE7n94xBcOXnHSD7Qf__JjmzyKkzHls94ifc9Wc8fMukYTHMcfcqczFAv99YRDyp7uWblqILsptBs8lML2dHvKgryFoPFSuTxfMBlTHqCQwBUTH_opo-2-bvIvOmEl8RZXQfUKwhju0O_v8xCaAf7hG9kF7zSQHSdkdVecrYCOoSv3HirtPYep4QFjeuvjGqW0V4QdzTKTioQLlozaT7HecOKeR_oUHHE31qITtzz3vV_47Vjvs&sai=AMfl-YSQ89lmqf4P6WcQCefA_GV2W1-RlLu2Klr2l4QcaiHwfqsAT_VuEnj0vGOKJ22KUO_Y3KgtFsvXbtfOM0cDbYU5oBCTb1qNLVmVu6Twc-yVgSfjkEK-dQf2nV576XtH&sig=Cg0ArKJSzB92Qb6whaQdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 4DF5DE3DDA0944768BFB546BE3D0E67E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D44348802D799F8E1CF70BA97743E86
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642457886415/index.html
Frame ID: CFFBB07A2C50AC14D212E06457C3C9AC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0115156DEE2B5B5E0C99AC773F45CA24
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9C72D08D88760A5CAF6D192EE94A9D8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642030774101/index.html
Frame ID: 884546E44CF2155990C4684DC5D0DE26
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642030774101/index.html
Frame ID: 970167B74C51796409A82F8E42F932AE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AF7E75152C2D551D81F62CA621679B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C28362C227E57FBD727D482D1A6C26C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FBI: Cuba ransomware group hit 49 critical infrastructure organizations | ZDNet

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

211
Requests

100 %
HTTPS

55 %
IPv6

24
Domains

34
Subdomains

32
IPs

3
Countries

2868 kB
Transfer

8248 kB
Size

28
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: https://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: https://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: https://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/News/2021/211203-2.pdf
Title: released a new notice

Search URL Search Domain Scan URL

URL: https://twitter.com/BrettCallow/status/1466844637688041479
Title: His data

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-cuba-ransomware.pdf
Title: detailed report

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/us-cities-disclose-data-breaches-after-vendors-ransomware-attack/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://www.dmv.ca.gov/portal/security-breach-at-address-verification-company-may-compromise-dmv-information/
Title: California

Search URL Search Domain Scan URL

URL: https://content.govdelivery.com/accounts/WALYNNWOOD/bulletins/2c24c24
Title: multiple

Search URL Search Domain Scan URL

URL: http://monroewa.gov/CivicAlerts.aspx?AID=3766
Title: cities

Search URL Search Domain Scan URL

URL: https://thescoop.seattle.gov/2021/02/18/thid-party-vendor-incident/
Title: Washington

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://support.zdnet.com/
Title: Site Assistance

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

211 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/ 316 KB
101 KB 1227ms
1183ms Document
text/html 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60e0150bdef451ae1bd8cdcd88a690665acd2023101b04d6725f26cc64029f02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Thu, 17 Mar 2022 13:18:44 GMT
link: <https://www.zdnet.com/a/fly/css/core/main-be255a6047-rev.css>; rel="preload"; as="style"; nopush
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: da36e662-b570-426c-a213-27d78444ec80
x-xss-protection: 1; mode=block
date: Thu, 17 Mar 2022 13:18:44 GMT
via: 1.1 varnish
cache-control: max-age=5400, private
expires: Thu, 17 Mar 2022 14:48:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-length: 102802

GET
H2 200 main-be255a6047-rev.css
www.zdnet.com/a/fly/css/core/ 310 KB
53 KB 11ms
11ms Stylesheet
text/css 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/core/main-be255a6047-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d999189ef93f6fb7742da9850906afc17e49e768a8888361d709c1a4118e0148

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 54322
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 09:54:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b74c519c63daa71c1618e25dc21e39e7"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 09:55:36 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 42ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tIKwvumWYF6u8xFeFGeRKQ==
age: 5393
vary: Accept-Encoding
content-length: 6486
x-ms-lease-status: unlocked
last-modified: Thu, 17 Mar 2022 02:31:50 GMT
server: cloudflare
etag: 0x8DA07BE4A6E172A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0c8ff414-801e-0047-58b1-39078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6042b3a43699b-FRA

GET
H2 200 optanon-v1.1.0.js Show response
www.zdnet.com/a/privacy/optanon/ 36 KB
10 KB 7ms
6ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/privacy/optanon/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 10444
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Mar 2021 19:22:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
strict-transport-security: max-age=31536000
content-language: en
via: 1.1 varnish
cache-control: public, max-age=86400
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Mar 2022 09:31:51 GMT

GET
H2 200 headshot-2.jpg
www.zdnet.com/a/img/resize/f0bbe46eb924a42c2089410d297965cfcf5caf8a/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/ 534 B
706 B 9ms
8ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/f0bbe46eb924a42c2089410d297965cfcf5caf8a/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/headshot-2.jpg?width=50&height=50&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

41b41054221f9790b0e811de4ce9cf3698de3ed02b2d6cabdfa854376a8e7f29

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
via: 1.1 varnish
fastly-io-info: ifsz=28670 idim=280x280 ifmt=jpeg ofsz=534 odim=50x50 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1588638183284258
fastly-stats: io=1
content-length: 534
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ASGSLK85XXpNIGTAgCbLjFMZtz8RlF7NfXpOK1SgbVg"
vary: Accept-Encoding, Accept
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: image/webp
expires: Tue, 08 Mar 2022 13:17:54 GMT

GET
H2 200 headshot-2.jpg
www.zdnet.com/a/img/resize/3b698b059a0b6f3de3d965c35f085ecfb983f2be/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/ 810 B
1023 B 9ms
8ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/3b698b059a0b6f3de3d965c35f085ecfb983f2be/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/headshot-2.jpg?width=70&height=70&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

87e4be9904c7a7dc6b6631cd87aa836df597005621d5acf4557a4bcef4f9ecf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
via: 1.1 varnish
fastly-io-info: ifsz=28670 idim=280x280 ifmt=jpeg ofsz=810 odim=70x70 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1588638183284258
fastly-stats: io=1
content-length: 810
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eYIGoeExSCrpcLWPZ8xn1EJxh8+WISUX1aPJa8OfSKM"
vary: Accept-Encoding, Accept
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: image/webp
expires: Tue, 08 Mar 2022 13:17:54 GMT

GET
H2 200 2020-03-18-at-12-23-32-pm.jpg
www.zdnet.com/a/img/resize/49d9e9b2c43f91c2da4a22f58d74310f2ecd424d/2020/03/18/7c2e2258-7566-4e66-9059-a1a8aedf00b4/ 4 KB
4 KB 8ms
7ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/49d9e9b2c43f91c2da4a22f58d74310f2ecd424d/2020/03/18/7c2e2258-7566-4e66-9059-a1a8aedf00b4/2020-03-18-at-12-23-32-pm.jpg?width=220&height=165&fit=bounds&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7d4ff5770358fec54db45a8be051a96a5041e443f17fc068d1ef9fd79e0c7fab

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=105669 idim=1642x1096 ifmt=jpeg ofsz=3626 odim=220x147 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1599085316373399
fastly-stats: io=1
content-length: 3626
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "PVxvqzoyP0cSFXtBEyFjjP3ShwJ6pTBF9Iw44Q2v1lk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Tue, 08 Mar 2022 13:03:10 GMT

GET
H2 200 require-2.1.2.js Show response
www.zdnet.com/a/fly/js/libs/ 16 KB
6 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:52 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "cd6c17e4cefd3db39cd5b84c5b7760f4"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:22 GMT

GET
H2 200 inlineMedia_core.js Show response
static.myfinance.com/widget/ 183 KB
62 KB 68ms
25ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia_core.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7263125ec31b9bfb6150f5190c8e65ee1f929e3a7073d8cd09443ed1262080f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4036
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F9PNEDGW940EWTYV
x-amz-id-2: nkJi0ho5uw1rBGWjL/0GWe1yXqKkEiufKOTcsahoS4n4A4S21Br5XFujwi0hm0JrhnE+SnVGsRM=
last-modified: Tue, 08 Mar 2022 19:58:07 GMT
server: cloudflare
etag: W/"4f438f1c3fa28d78584f166156336eb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e7q9C%2FqDyeDTsQrCE3ALn8vijRXwkNz9ajikMFLnLcNLGQRhl%2BKHfdt9Uar5p38troaukt2%2FLhD6pcsnIVqOERyFd4iEGaEbrttOYL%2FaNH6h8j3%2FeE7HaMUAlH1hBOsDVY6IOLYlEvY8fBQvSMEYDYKLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6ed6042b7ab6699b-FRA

GET
H2 200 controls-ef11093848-rev.css
www.zdnet.com/a/fly/css/video/htmlPlayerControls/ 25 KB
4 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/video/htmlPlayerControls/controls-ef11093848-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

25c94cd4347d09bfe600df0feb45051552d4c333d8fb3cfdf4d03cd7078ee75b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:44 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 4314
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 09:54:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "276400f25e20b85e723420bebad3c7c1"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 09:55:36 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 6681 205 KB
50 KB 30ms
12ms Script
application/javascript 2a02:26f0:ef:296::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ef:296::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: br
Last-Modified: Sun, 12 Dec 2021 17:26:57 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET service-worker.js
www.zdnet.com/ Frame 0
0

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 inlineMedia.css
static.myfinance.com/widget/ 3 KB
2 KB 38ms
24ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RM9EMK8GHMB7NW7G
x-amz-id-2: rO4/tb/v63P6c/qJxa0JBYiRUj2pmFCIHFUoYyKlU+xVn/UKNLDsHpQEB0iQ2jT47cP+krHxRTQ=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2ldpo%2BJgbeUfHTpjjZZxLid8qyFA7Ets6Xj1i%2FbKvESs7wYIwtTUpgisS4CPdeLg2PYtzEQnvn3e8s8XNPVoEGG6iLK2e4znBjwz6KcIFBz%2F%2FUOJY0Y0eiQzMVExwMZ7%2Ff7mLOqQBBW1WyDLpOtMl4MlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6ed6042b7ab8699b-FRA

GET
H2 200 logo.png
www.zdnet.com/a/fly/1647510673-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 9ms
7ms Image
image/png 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1647510673-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/main-be255a6047-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/a/fly/css/core/main-be255a6047-rev.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://*.zdnet.com:*
via: 1.1 varnish
last-modified: Thu, 17 Mar 2022 09:54:33 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:18:45 GMT
vary: Accept-Encoding, Accept
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4105
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 09:55:46 GMT

GET
H2 200 Regular.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 9ms
8ms Font
font/woff2 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 15:19:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 15:27:21 GMT

GET
H2 200 Semibold.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 9ms
8ms Font
font/woff2 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 15:19:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a96ff4477074c6395b7305d2d98fde8e"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 15:27:15 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 34ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xkIaWO5Hr0+rNu9IdoYHdw==
age: 12694
vary: Accept-Encoding
content-length: 1425
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:53 GMT
server: cloudflare
etag: 0x8D94223473B0939
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6b7a330a-601e-004d-2d15-b61e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6042bc931997b-FRA
expires: Thu, 17 Mar 2022 17:18:45 GMT

GET
H2 200 main.default.js Show response
www.zdnet.com/a/fly/ccc1e3-fly/js/ 222 KB
70 KB 7ms
6ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

77d963af9a6fd33fd143e96de3816ebbf424ccbf5a0aced977bf4eb9b3ebb095

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 71526
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 09:54:20 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "659bb1d2ed19902dc17d785f67aa1ad1"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 09:55:36 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 70ms
38ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ed6042c29c59214-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 314ms
102ms Preflight 3.230.129.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.129.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-129-221.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.7.4.post0

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 165ms
124ms Preflight
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvZmJpLWN1YmEtcmFuc29td2FyZS1oaXQtNDktY3JpdGljYWwtaW5mcmFzdHJ1Y3R1cmUtb3JnYW5pemF0aW9ucy8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-type: text/html; charset=utf-8
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ailzyIL9Uiuvx%2B0z%2BuAZAiAlvwl910cVCJQszg417k5MC5sKJlVPtTzGRghEWJTB9MAqsaqX7s%2FzpFnQIsmj0fE8KUN6f%2BRg2sx8WCFkVJQCdlvVNSRYMaLJp79hr1bPvZOffUDPx9bleDz01SJI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ed6042c594e9be9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 134ms
133ms XHR
text/plain 3.230.129.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.129.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-129-221.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H2 200 v1.5 Show response
www.myfinance.com/api/au/ 1 KB
1 KB 307ms
306ms XHR
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvZmJpLWN1YmEtcmFuc29td2FyZS1oaXQtNDktY3JpdGljYWwtaW5mcmFzdHJ1Y3R1cmUtb3JnYW5pemF0aW9ucy8=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f30dba8a6198200c0bbe8080d1b9126254eb14884bb4fe48ef71775579e6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uexw%2BHJJnRRWronUd1QvcrREOnCFJBUrMu09DqBduV5pt5L2jl9aB6oGDZaUUWTb8Ie0omApJD9gU9SlT5H1BkXWZMvXxIjj%2Fj3yR6xjA2Fil%2B3mYCAc5ZQrGYXWHFEdskFCaWemZL2I1yIzgcK5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
access-control-allow-origin: https://www.zdnet.com
vary: Accept, Accept-Language, Origin, Cookie
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 6ed6042d2add9be9-FRA
expires: Thu, 17 Mar 2022 13:18:45 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 23ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: 2T668NC3H6XRH3JM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: z3ZqPCO5H2fAGveHR6fjGtcOihhegJNM/yscm5AE5zxFfnMu1pdPU5pzTJPseqp7FaurMRqqEiI=
x-served-by: cache-hhn4061-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1647523125.172812,VS0,VE0
date: Thu, 17 Mar 2022 13:18:45 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14802

GET
H2 200 bidbarrel-zdnet-rv.min.js Show response
at.adtech.redventures.io/lib/dist/prod/ 491 KB
148 KB 44ms
7ms Script
application/javascript 151.101.66.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f808f80e0a6828022228c0fcd89ff0a7338bc5f6a7ce891327f7e51bc3d46d06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 varnish
age: 206
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 150641
x-served-by: cache-hhn4028-HHN
last-modified: Tue, 22 Feb 2022 18:12:52 GMT
server: AmazonS3
x-timer: S1647523125.198132,VS0,VE1
etag: "884860ff0a347f6d5ef39ade0d7af3f2"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=900, public, must-revalidate
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: JDXpl8U5YXsjR1_Ioy6DvWpOWaoYBm_BNEkDBf5t9RpjcpVpjt9myw==
x-cache-hits: 1

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6681 2 KB
1 KB 235ms
220ms XHR
application/json 2a02:26f0:ef:296::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5491744&v=1.720.0&if=&sl=0&si=bf3efde9-4fe4-453f-afd6-3500f613b743-r8w4z8&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ef:296::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1890aaa1d2b4409da519b9d692abc4b421f51f60583256aa6ee5d19450f8ff06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 806

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 162ms
114ms Script
application/javascript 34.120.203.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.203.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.203.120.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 17:00:48 GMT
etag: "5ffdd5c0-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51203

GET
H2 200 mpulse-1.0.2.js Show response
www.zdnet.com/a/fly/js/libs/ 61 KB
12 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:52 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b9e217352cd6ef0ae06b5b3d16c89be9"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:22 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 17ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 5393
vary: Accept-Encoding
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c80544a0-e01e-003a-4bc0-119b45000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6042c6bf9699b-FRA

GET
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/1/ 49 B
725 B 177ms
143ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1215.1253ab8&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=1467&ck=1&ref=https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/&ap=943&be=1252&fe=1432&dc=1303&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1647523123719,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:29,%22c%22:29,%22s%22:35,%22ce%22:45,%22rq%22:45,%22rp%22:1227,%22rpe%22:1239,%22dl%22:1231,%22di%22:1302,%22ds%22:1302,%22de%22:1303,%22dc%22:1432,%22l%22:1432,%22le%22:1435%7D,%22navigation%22:%7B%7D%7D&fp=1356&fcp=1356&at=GkEWQAhCSx5HAxIDThwe&jsonp=NREUM.setToken
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6ed6042caf329b9b-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 218ms
204ms XHR
application/json 2a02:26f0:ef:296::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1647523125190&s=010adfab59095b7ba82f09cd4cafcc606f1b98d21f2b41c5cc3845e2e9d65d56
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ef:296::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6717fef2469c80e90757494d78c3c422dd5651bf43dc64f072d04dfd1ee2c89d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 877

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/ 93 KB
20 KB 15ms
14ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/en.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AlmWtxV11YCExQkuyz0PJA==
age: 390
vary: Accept-Encoding
content-length: 20136
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:59 GMT
server: cloudflare
etag: 0x8D942234AE979B3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fd3a4b54-e01e-00fd-08e9-10e784000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6042caa56997b-FRA
expires: Thu, 17 Mar 2022 17:18:45 GMT

OPTIONS
H2 200 diff
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ Frame 0
0 136ms
123ms Preflight
text/html 151.101.66.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: b958fd59ebefc9e01035c42d5a5b0849
server: Google Frontend
accept-ranges: bytes
date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
x-served-by: cache-hhn4083-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647523125.266398,VS0,VE115
vary: Accept-Encoding, Origin
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 168 KB
34 KB 33ms
6ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9b3bdd62c372b0a78468fd830242e508ea16dcf217ebd4d3e5ec745da8b179e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: gzip
Age: 357
X-Cache: HIT
Connection: keep-alive
Content-Length: 34024
x-amz-id-2: iV2/6U0zSyrNicWB7AVD/eeqiu/ESZUFhHh1p8Snw2snUGDD6mCgKDTWaUqXM8IIZm2PH0uRhgM=
X-Served-By: cache-hhn4077-HHN
Last-Modified: Thu, 17 Mar 2022 13:04:02 GMT
Server: AmazonS3
X-Timer: S1647523125.265742,VS0,VE0
ETag: "ab6c6c9a2cce0860536dc0b315fee006"
x-amz-request-id: 0CF6TBMJX89JEXGK
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 15

GET
H2 200 diff Show response
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ 364 B
467 B 9ms
7ms Fetch
application/json 151.101.66.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0ddfc757b968f988a5a80ec7b986d25d036078636fe587483d043d4c120d3cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cat: itQA9K1qg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
variant: core
version: rv2.26.2

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 807
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 283
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4083-HHN
access-control-allow-origin: *
server: Google Frontend
x-timer: S1647523125.392443,VS0,VE1
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:18:45 GMT
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 5e9fe13817a37a170936be96d2250bca
cache-control: max-age=900
etag: W/006322760b9a0410a43c7bd3955412c4de7af8f1
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 133ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ec89a1c03190db8df843e1dfcfb547111c383f7c0e4c722b99491149e4dfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27784
x-xss-protection: 0
server: sffe
etag: "1160 / 142 of 1000 / last-modified: 1647515258"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 13:18:45 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 13 KB
3 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 12576
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:42 GMT
server: cloudflare
etag: 0x8D94112485FC2D3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6692ae74-801e-002a-30ff-01ada3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6042ceab9997b-FRA

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/ 192 KB
62 KB 6ms
6ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0258fc4beda23edc6aefebf079cdd6b98ffe37cde48469227e70522b719764dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Encoding: gzip
Age: 496
X-Cache: HIT
Connection: keep-alive
Content-Length: 62683
x-amz-id-2: +EtXudgZE1MjTd2em/EamY3DIdHt97SSReAruYAqswwbTfFE2DRuFqlx8WU1hs+nZzN7s+Tx4tY=
X-Served-By: cache-hhn4077-HHN
Last-Modified: Tue, 15 Mar 2022 17:14:29 GMT
Server: AmazonS3
X-Timer: S1647523125.298327,VS0,VE0
ETag: "3ee184f4256ab0ed9294b36827455eb4"
x-amz-request-id: Q4H4MB7ZXEBXJFHM
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1976

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 80 KB
22 KB 34ms
7ms Script
text/javascript 18.66.139.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a89fefe62a3aefdaae686026c0fe9b8f65206929032b1b905b9ddf6fac51c7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 17 Mar 2022 12:04:30 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:04:26 GMT
server: AmazonS3
age: 4456
etag: W/"e10a18dc45998ad744bcb5ad1b678b1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-type: text/javascript
x-amz-cf-id: BfvhqXyiqzIo2ZYiCr_WVPBlabq7Z36zxIj83-38KNQYmyStYdpY6g==

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 325ms
98ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 324ms
99ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 320ms
98ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 319ms
98ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 318ms
99ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 137 B
270 B 136ms
132ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: ffb9240b0e50417070fca7723227fa7a4b8e9b3789f42db807d4e8fc2ec54095

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 137
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 137 B
270 B 120ms
117ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: 2436be3280975bf44b35a453a4a590e93e31b6a745cb9d2912278da3ba6870a1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 137
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 135ms
131ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: a9bdc047a5617c5d6d0aafa2fc46cd7499af2d4740088830c9e4da34cd0a7c30

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 134ms
130ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: c323155bda999f53a727824fcb71fb335b716d2e665841ba507c2b7871aa39a8

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 118ms
115ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: cf9aaf88d8d3f6de1956dee63fc5bc3b360aa205aed4969bcf2e626ca2c4afc3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 xs1.html Show response
cdn.cohesionapps.com/cohesion/ Frame E22E 2 KB
1 KB 7ms
7ms Document
text/html 18.66.139.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

content-type: text/html
date: Thu, 17 Mar 2022 12:04:30 GMT
last-modified: Thu, 17 Mar 2022 12:04:26 GMT
etag: W/"10b2c1751c2247b1aeccc91060f971cf"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 0-76EAKbz4Y_TixmNyzQ5aLHJnDMrdoGfOijAwhf-fhiOfB-SeoFnQ==
age: 4456

GET
H2 200 public Show response
taggy.cohesionapps.com/implementations/ 10 KB
11 KB 98ms
95ms XHR
application/json 34.206.125.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.125.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-125-115.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4c3e5b57a30770f689584ac54b4457ba29fdcddb416b32297750aeb5f16d9e84

Request headers

Source-Key: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Page-URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
x-powered-by: Express
etag: W/"2960-Ndld1CrPBKUMwnesrimamsJEAm8"
content-length: 10592
content-type: application/json; charset=utf-8

OPTIONS
H2 204 public
taggy.cohesionapps.com/implementations/ Frame 0
0 307ms
94ms Preflight 34.206.125.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.125.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-125-115.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,page-url,source-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,page-url,source-key

GET
H2 200 article-8269acd0ae-rev.js Show response
www.zdnet.com/a/fly/js/pages/ 102 KB
26 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/pages/article-8269acd0ae-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

77534605d7f4bf6131511e44b4da078721199a58ed38e00b2d26cb97fc9e4a7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 26942
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 16:33:24 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4159621a92373e72eaff286c8085cdc5"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:34:19 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/redventuresgamheader644747280705/ 241 KB
83 KB 58ms
19ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ae5af210b56a93bc7182e423342e6ad1f4783aa087df3d05e64e7dcee4a6678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 16:50:31 GMT
server: AmazonS3
x-amz-request-id: 6VRAB5ZG964SFZWX
etag: "4d26c0fde1ec5ae9e3eb9d9bcde5ff46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11501
accept-ranges: bytes
content-length: 84216
x-amz-id-2: Qf4gLSQ8LBGbc0ZWkkXBM3RuuMjk7Tdq95McdXimpj0txFFzm3BTrlrzqsSuHfSZ0LHEHsOuXTU=

GET
H3 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
121 KB 85ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 13:07:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 220 B
154 B 97ms
49ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e5f7cfcae397d7a1faf00acf6eaf4a7c4d4bb3f749d638c1e7899ef6887e9ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Thu, 17 Mar 2022 13:18:45 GMT

GET
H2 200 xs2.html Show response
cdn.cohesionapps.com/cohesion/ Frame E22E 473 B
834 B 7ms
6ms Document
text/html 18.66.139.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cohesionapps.com/cohesion/xs1.html

Response headers

content-type: text/html
content-length: 473
date: Thu, 17 Mar 2022 12:04:30 GMT
last-modified: Thu, 17 Mar 2022 12:04:26 GMT
etag: "ffa03bed298484a7755ca23c5431cb28"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: NGxfP6erkvopjpBCBCDd7xghv40kpcKbxmHxiD8NwaWNUOtzrnzOQg==
age: 4455

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
1 KB 120ms
120ms XHR
application/json 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f190d853631866b9d3c914e88de91b630dba243ffeff5939aa723f3929171e41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-8b74df4da37a2bef----1647523125629
traceparent: 00-e5d629af4be8614a9f7acd9941520710-8b74df4da37a2bef-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiOGI3NGRmNGRhMzdhMmJlZiIsInRyIjoiZTVkNjI5YWY0YmU4NjE0YTlmN2FjZDk5NDE1MjA3MTAiLCJ0aSI6MTY0NzUyMzEyNTYyOSwidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 13:17:02 GMT
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtcXRQODFJfQzkGQ1NSCQ8NBW8MXRVLGhgCHVUJUQFRH1JKBgRWUlUUHgFIQ1sBAVRXBVIBA1FWUVQDBlxAFF5VXkAAZA==
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:18:45 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 200a5955-cf33-4f2d-9fe1-519541f96378
content-type: application/json
via: 1.1 varnish
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Thu, 17 Mar 2022 14:47:02 GMT

GET
H2 200 track-cwv-72dfb3ae38-rev.js Show response
www.zdnet.com/a/fly/js/components/ 239 B
313 B 9ms
9ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/track-cwv-72dfb3ae38-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 199
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 18:32:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "67706d8b391f45db733aefcf239cd086"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 08:44:49 GMT

GET
H2 200 author-modal-5b949f9436-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
594 B 8ms
8ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/author-modal-5b949f9436-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7f1639eeb6e3eb3e2de52c35e650ac2fe53ea34ee8e8cac73807facad51e9b7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 435
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "88149d88ff55a0a61cf4139c2318f82a"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:14 GMT

GET
H2 200 disqus-loader-f09d8d6993-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
867 B 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/disqus-loader-f09d8d6993-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3c591927cc6254cd17a33c78e3293b8456851a88c736b300647f7d263dd31740

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 703
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 16:33:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "03fa2c42354e4e820596580765f68710"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 06:31:17 GMT

GET
H2 200 front-door-carousel-dcdcc78ebc-rev.js Show response
www.zdnet.com/a/fly/js/components/ 5 KB
2 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/front-door-carousel-dcdcc78ebc-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 1651
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:58 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b1b1f4fe95eb84a4f5cd628363c61caa"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:14 GMT

GET
H2 200 hacker-hands-on-a-keyboard.jpg
www.zdnet.com/a/img/resize/580f0cb8ca486f78c955564212282feb0da53c2e/2021/01/08/6604d540-9eb0-41c2-9f00-6fbf24d996f7/ 2 KB
3 KB 11ms
6ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/580f0cb8ca486f78c955564212282feb0da53c2e/2021/01/08/6604d540-9eb0-41c2-9f00-6fbf24d996f7/hacker-hands-on-a-keyboard.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

499e2ac8c3b1b39eaa429f453f8526a107ecd8ff5e092507aceb902470903736

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=155285 idim=2121x1414 ifmt=jpeg ofsz=2512 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 2512
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ldDNCLg+8vP7J94QcvUlYUqcfBc46mMZhNmwtXdAUY0"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:27:25 GMT

GET
H2 200 secured-servers.jpg
www.zdnet.com/a/img/resize/242645b1c928b20318cc2e7f615f8b566253f9bf/2021/12/08/d2946ce9-df01-4a12-aafe-3970ffd709bd/ 4 KB
4 KB 12ms
10ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/242645b1c928b20318cc2e7f615f8b566253f9bf/2021/12/08/d2946ce9-df01-4a12-aafe-3970ffd709bd/secured-servers.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e67589ca7756914bacb5286a4dd6a50cc2303909367600604804e0c5257e546e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1732111 idim=1600x1069 ifmt=jpeg ofsz=4096 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 4096
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "dkkKROm1eA3Hk2zb5/R4T0BisXX19Xkiv9R/UUeSxFc"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Sun, 06 Mar 2022 03:21:37 GMT

GET
H2 200 ukraine-flag.jpg
www.zdnet.com/a/img/resize/22ee42a545b6365be424dae106d4222cdbefe6a1/2021/02/24/3ada7659-4199-4635-96a9-bb44b8f6b6f9/ 2 KB
2 KB 12ms
10ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/22ee42a545b6365be424dae106d4222cdbefe6a1/2021/02/24/3ada7659-4199-4635-96a9-bb44b8f6b6f9/ukraine-flag.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ed32892a0cd4873b119f3e0fc595c269e9daa40e8a00975017e717faa2ba7fd9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=24387 idim=1000x525 ifmt=jpeg ofsz=1886 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1614176312729749
fastly-stats: io=1
content-length: 1886
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "UIprh1Ua4fZ4Bl4UvsRp9yzEFQY2wy+85w1GuvBZSn8"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:26:48 GMT

GET
H2 200 istock-1194791782.jpg
www.zdnet.com/a/img/resize/49f03e515200dafe45e96fa476312dad2f0455f3/2021/01/07/1a94ebf7-5655-4be0-a40a-3231c5f40263/ 6 KB
6 KB 11ms
9ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/49f03e515200dafe45e96fa476312dad2f0455f3/2021/01/07/1a94ebf7-5655-4be0-a40a-3231c5f40263/istock-1194791782.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

dc17f18ab317cf950e5077f869cff1deb8e6e791dbb82236f0097545562c1ed4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=246562 idim=1365x768 ifmt=jpeg ofsz=5856 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1610023843822336
fastly-stats: io=1
content-length: 5856
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "GWmcrSDkjBP7PNxQY5ye8FOQESl8ero4gm0mnleTm10"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Mon, 14 Mar 2022 12:30:48 GMT

GET
H2 200 shutterstock-1095422036.jpg
www.zdnet.com/a/img/resize/0652ae519f1c8a47b0d7c8772496072c8ac586e6/2021/08/11/0edc5f03-6119-49b2-8f5f-d0bde9cdc02b/ 4 KB
4 KB 10ms
9ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/0652ae519f1c8a47b0d7c8772496072c8ac586e6/2021/08/11/0edc5f03-6119-49b2-8f5f-d0bde9cdc02b/shutterstock-1095422036.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d5101dc961dd056af6aee60f24aee3d15e50f70070dec1e1c5a3d1620596b454

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1905233 idim=5422x4004 ifmt=jpeg ofsz=3744 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 3744
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "i25ijRXWVNwaUjwvAgrhP361awqUl8A+hoIujaqIjv8"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 10 Mar 2022 08:46:23 GMT

GET
H2 200 shutterstock-1897926526.jpg
www.zdnet.com/a/img/resize/80d5b8ee719b791476ec7931376928ea834ac3dc/2021/04/16/bb72fd06-0d2c-4a74-88c0-a81366a0cc4b/ 7 KB
7 KB 11ms
9ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/80d5b8ee719b791476ec7931376928ea834ac3dc/2021/04/16/bb72fd06-0d2c-4a74-88c0-a81366a0cc4b/shutterstock-1897926526.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e3e619528d9ab1e831a04be0f0b1d656257dd216f3ebd6faf5d088f60c8d65b9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=376447 idim=1600x1069 ifmt=jpeg ofsz=7210 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1618603764886569
fastly-stats: io=1
content-length: 7210
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6xNEqgz1kHWfxYM7mxdrw1NjdVKYNWJZLTbkOpUkjBU"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:28:09 GMT

GET
H2 200 20220222-151713.jpg
www.zdnet.com/a/img/resize/c87ba905b45a94b964f2be6df2e15cc53058ca00/2022/02/22/7d401a68-b664-431e-94fa-4bf8590e4549/ 2 KB
2 KB 10ms
9ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/c87ba905b45a94b964f2be6df2e15cc53058ca00/2022/02/22/7d401a68-b664-431e-94fa-4bf8590e4549/20220222-151713.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

01d86c856c5190bdf133e90c526b3d72fd5b2121623673105caa8cd3d55e0906

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1547602 idim=4032x3024 ifmt=jpeg ofsz=2074 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 2074
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "NZuFYZXMLurriurMhZM0Gei80MOBmSf25mSfkLSw8rk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 08:17:24 GMT

GET
H2 200 image-3.jpg
www.zdnet.com/a/img/resize/9b721cbc4bc4ac17c221ebf28400143050388457/2022/03/03/7f45232d-ad74-48d0-bdd8-dc8630ab5fe1/ 3 KB
3 KB 11ms
10ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/9b721cbc4bc4ac17c221ebf28400143050388457/2022/03/03/7f45232d-ad74-48d0-bdd8-dc8630ab5fe1/image-3.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0928b9a8dbd48ce560c2c2b2d363d06ed09c268969034fe750ab54f13ccaec36

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=224327 idim=1668x1120 ifmt=jpeg ofsz=3068 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 3068
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6+U57g7qHoOHbLdlp+m1XvoY+35ABblyOY0WCICWcss"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 09:11:47 GMT

GET
H2 200 budget-tv-action-shot.jpg
www.zdnet.com/a/img/resize/672cda8f8391efe3d8f9b02f2bc36c57926ba680/2022/03/09/d51fd4da-c32a-4e3e-ade8-a161e296bc2e/ 4 KB
4 KB 9ms
8ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/672cda8f8391efe3d8f9b02f2bc36c57926ba680/2022/03/09/d51fd4da-c32a-4e3e-ade8-a161e296bc2e/budget-tv-action-shot.jpg?width=170&height=128&fit=crop&auto=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

850953688710173a1efdc0b664106dd47122b3304c72155274f31670dc85e00c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=920519 idim=1600x574 ifmt=jpeg ofsz=4052 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 4052
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ph/qQHop5b5Dn1egluBlcySy0mO8HlAkzRfyxoq2cr0"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:22:45 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 192ms
191ms XHR
application/json 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=ransomware

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7abfb9bf1f6fefff44e84689a26e722ef8a8683b8645bb230f0805d23595ea37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-379b01449329e34e----1647523125643
traceparent: 00-ae7d89c03d0141c9a85cba3fdad64560-379b01449329e34e-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiMzc5YjAxNDQ5MzI5ZTM0ZSIsInRyIjoiYWU3ZDg5YzAzZDAxNDFjOWE4NWNiYTNmZGFkNjQ1NjAiLCJ0aSI6MTY0NzUyMzEyNTY0MywidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFZWRxcNB0NFUhQ7Rl9XBQMXPUMKVxVnVFtVWgsbTQFPA1JUBgdNVk0IBwRRVE4aABtEBwRXBwZQUVtTBg1XDgFRURFJXwBdElY/
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:18:45 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: acdbf36c-0113-4354-be99-c420148e42d8
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0, must-revalidate, private
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:18:45 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 99ms
98ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 137 B
270 B 144ms
144ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: e9f521032c6dc2dc5e50608f589f3c35e71ff09a08b1d4df105818f034d51e41

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 137
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 137 B
270 B 134ms
132ms XHR
application/json 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash: 574c07faaca1d96a147ff9b1e55962b9947819de3d2c17908e3752f75a6148fb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
access-control-allow-credentials: true
content-length: 137
vary: Origin
content-type: application/json

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 99ms
99ms Preflight 54.172.4.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.4.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-4-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 487 B
662 B 104ms
28ms Script
text/html 52.56.234.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&pcode=redventuresgamheader644747280705&rx=77103419045&callback=MoatNadoAllJsonpRequest_36971476
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.234.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-234-21.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: c11af48ab0034b28a743e5b97fc32d2bc45de919f861807668bfb05095979840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "56b540446901a285d8011e028a244fc12cb97761"
content-length: 487
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 96 B
269 B 102ms
29ms Script
text/html 52.56.234.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647523125661&de=74549979131&rx=77103419045&m=0&ar=16e2d13da31-clean&iw=a35564b&q=1&cb=0&cu=1647523125661&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1357%3A1357%3A1435%3A1303&jk=-1&jm=-1&fs=197504&na=702202199&cs=0&ord=1647523125661&jv=514210702&callback=DOMlessLLDcallback_36971476
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.234.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-234-21.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 6beb4dc9812a37e2fcd883fe30c09400c2e4f97b81d052f0162fca58ed75fb0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "d562d2e467b8f5a3963f8ed05d8c9b5142912317"
content-length: 96
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
275 B 96ms
24ms Script
text/html 52.56.234.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647523125661&de=74549979131&rx=77103419045&m=0&ar=16e2d13da31-clean&iw=a35564b&q=2&cb=0&cu=1647523125661&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1357%3A1357%3A1435%3A1303&jk=-1&jm=-1&fs=197504&na=1261777080&cs=0&callback=MoatDataJsonpRequest_36971476
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.234.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-234-21.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 6ab5a5259fdfa1dae982640834b74b42942fb86f6f69a0d04e03f915cddc3b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "67292c7f93b64cdc5e7cab06a85ca1f5a9e7b08a"
content-length: 100
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/events/1/ 24 B
501 B 139ms
138ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1215.1253ab8&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=2019&ck=1&ref=https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 17 Mar 2022 13:18:45 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ed6042fed139b9b-FRA
Content-Length: 24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/580f0cb8ca486f78c955564212282feb0da53c2e/2021/01/08/6604d540-9eb0-41c2-9f00-6fbf24d996f7/hacker-hands-on-a-keyboard.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

499e2ac8c3b1b39eaa429f453f8526a107ecd8ff5e092507aceb902470903736

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=155285 idim=2121x1414 ifmt=jpeg ofsz=2512 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 2512
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ldDNCLg+8vP7J94QcvUlYUqcfBc46mMZhNmwtXdAUY0"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:27:25 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/672cda8f8391efe3d8f9b02f2bc36c57926ba680/2022/03/09/d51fd4da-c32a-4e3e-ade8-a161e296bc2e/budget-tv-action-shot.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

850953688710173a1efdc0b664106dd47122b3304c72155274f31670dc85e00c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=920519 idim=1600x574 ifmt=jpeg ofsz=4052 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 4052
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ph/qQHop5b5Dn1egluBlcySy0mO8HlAkzRfyxoq2cr0"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:22:45 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/0652ae519f1c8a47b0d7c8772496072c8ac586e6/2021/08/11/0edc5f03-6119-49b2-8f5f-d0bde9cdc02b/shutterstock-1095422036.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d5101dc961dd056af6aee60f24aee3d15e50f70070dec1e1c5a3d1620596b454

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1905233 idim=5422x4004 ifmt=jpeg ofsz=3744 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 3744
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "i25ijRXWVNwaUjwvAgrhP361awqUl8A+hoIujaqIjv8"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 10 Mar 2022 08:46:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/80d5b8ee719b791476ec7931376928ea834ac3dc/2021/04/16/bb72fd06-0d2c-4a74-88c0-a81366a0cc4b/shutterstock-1897926526.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e3e619528d9ab1e831a04be0f0b1d656257dd216f3ebd6faf5d088f60c8d65b9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=376447 idim=1600x1069 ifmt=jpeg ofsz=7210 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1618603764886569
fastly-stats: io=1
content-length: 7210
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6xNEqgz1kHWfxYM7mxdrw1NjdVKYNWJZLTbkOpUkjBU"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:28:09 GMT

GET
H2 200 20220222-151713.jpg
www.zdnet.com/a/img/resize/c87ba905b45a94b964f2be6df2e15cc53058ca00/2022/02/22/7d401a68-b664-431e-94fa-4bf8590e4549/ 2 KB
2 KB 6ms
6ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/c87ba905b45a94b964f2be6df2e15cc53058ca00/2022/02/22/7d401a68-b664-431e-94fa-4bf8590e4549/20220222-151713.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

01d86c856c5190bdf133e90c526b3d72fd5b2121623673105caa8cd3d55e0906

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1547602 idim=4032x3024 ifmt=jpeg ofsz=2074 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 2074
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "NZuFYZXMLurriurMhZM0Gei80MOBmSf25mSfkLSw8rk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 08:17:24 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/49f03e515200dafe45e96fa476312dad2f0455f3/2021/01/07/1a94ebf7-5655-4be0-a40a-3231c5f40263/istock-1194791782.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

dc17f18ab317cf950e5077f869cff1deb8e6e791dbb82236f0097545562c1ed4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=246562 idim=1365x768 ifmt=jpeg ofsz=5856 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1610023843822336
fastly-stats: io=1
content-length: 5856
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "GWmcrSDkjBP7PNxQY5ye8FOQESl8ero4gm0mnleTm10"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Mon, 14 Mar 2022 12:30:48 GMT

GET
H2 200 secured-servers.jpg
www.zdnet.com/a/img/resize/242645b1c928b20318cc2e7f615f8b566253f9bf/2021/12/08/d2946ce9-df01-4a12-aafe-3970ffd709bd/ 4 KB
4 KB 6ms
6ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/242645b1c928b20318cc2e7f615f8b566253f9bf/2021/12/08/d2946ce9-df01-4a12-aafe-3970ffd709bd/secured-servers.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e67589ca7756914bacb5286a4dd6a50cc2303909367600604804e0c5257e546e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=1732111 idim=1600x1069 ifmt=jpeg ofsz=4096 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 4096
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "dkkKROm1eA3Hk2zb5/R4T0BisXX19Xkiv9R/UUeSxFc"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Sun, 06 Mar 2022 03:21:37 GMT

GET
H2 200 ukraine-flag.jpg
www.zdnet.com/a/img/resize/22ee42a545b6365be424dae106d4222cdbefe6a1/2021/02/24/3ada7659-4199-4635-96a9-bb44b8f6b6f9/ 2 KB
2 KB 6ms
6ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/22ee42a545b6365be424dae106d4222cdbefe6a1/2021/02/24/3ada7659-4199-4635-96a9-bb44b8f6b6f9/ukraine-flag.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ed32892a0cd4873b119f3e0fc595c269e9daa40e8a00975017e717faa2ba7fd9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=24387 idim=1000x525 ifmt=jpeg ofsz=1886 odim=170x128 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1614176312729749
fastly-stats: io=1
content-length: 1886
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "UIprh1Ua4fZ4Bl4UvsRp9yzEFQY2wy+85w1GuvBZSn8"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Thu, 03 Mar 2022 16:26:48 GMT

GET
H2 200 image-3.jpg
www.zdnet.com/a/img/resize/9b721cbc4bc4ac17c221ebf28400143050388457/2022/03/03/7f45232d-ad74-48d0-bdd8-dc8630ab5fe1/ 3 KB
3 KB 6ms
6ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/9b721cbc4bc4ac17c221ebf28400143050388457/2022/03/03/7f45232d-ad74-48d0-bdd8-dc8630ab5fe1/image-3.jpg?width=170&height=128&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/ccc1e3-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0928b9a8dbd48ce560c2c2b2d363d06ed09c268969034fe750ab54f13ccaec36

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
fastly-io-info: ifsz=224327 idim=1668x1120 ifmt=jpeg ofsz=3068 odim=170x128 ofmt=webp
fastly-stats: io=1
content-length: 3068
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6+U57g7qHoOHbLdlp+m1XvoY+35ABblyOY0WCICWcss"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Wed, 16 Mar 2022 09:11:47 GMT

GET
H/1.1 204
No Content / Show response
02179916.akstat.io/ 0
354 B 57ms
27ms XHR
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179916.akstat.io/?h.pg=article&when=1647523125741&cdim.Site_View=desktop&t_other=custom4%7C1232&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=d02cb76344f3a4ab20b3c4e10cff50735604e705-bb0274a-800602a4&h.t=1647523125382&http.initiator=api&rt.start=api&rt.si=03c92762-152b-43c8-9222-f9168c4b9bff&rt.ss=1647523126660&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 13:18:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Thu, 17 Mar 2022 13:18:45 GMT

GET
H2 200 core-web-vitals-16efe3ae21-rev.js Show response
www.zdnet.com/a/fly/js/managers/ 545 B
624 B 9ms
9ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/managers/core-web-vitals-16efe3ae21-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 366
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4ad48a8b95ade34586789d1bfbdb5a09"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 472ms
471ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=578340538856645&correlator=2587870549336367&eid=31060439%2C31064905%2C31065485%2C31065546%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=22309610186%2Caw-zdnet%2Cinnovation%2Csecurity%2Cransomware&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x66%7C5x5&ifi=1&adks=2864335881&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dnav%26sl%3Dnav-ad-plus-leader%253FT-1000%26iid%3Dunit%253Dnav-ad-plus-leader%257Cvguid%253D6a1cad48-bc63-437c-bfa1-a23a4181434d%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dransomware%252Cgovernment-us%252Csecurity%252Ccyber-threats%252Cservices%26tag%3Dransomware%252Cmcafee%252Cmicrosoft%252Cmalware%26mfr%3Dmcafee%252Cfbi%252Cmicrosoft%26pid%3Dlogitech-powershell%252Cmicrosoft-teams%252Cmicrosoft-windows-services%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dfbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D1%26session%3Da%26pv%3D1%26vguid%3D6a1cad48-bc63-437c-bfa1-a23a4181434d&sc=1&cookie_enabled=1&abxe=1&dt=1647523125830&lmt=1647523124&dlt=1647523124950&idt=824&biw=1600&bih=1200&oid=2&adxs=436&adys=50&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x100&msz=1600x100&fws=4&ohw=1600&ga_vid=1310959143.1647523126&ga_sid=1647523126&ga_hid=706088429&ga_fc=false&btvi=0&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4cf19736a481384205203472948e756821cac113669617b04ec04964d5a4a10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12393
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 149ms
59ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578db569106e9435dd6dc8222eb8b3db7cc7a506cf2cc26c24aa6cc4ec2d22e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10459
x-xss-protection: 0

GET
H2 200 container.html Show response
3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1273 6 KB
4 KB 170ms
48ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Mar 2022 13:18:45 GMT
expires: Fri, 17 Mar 2023 13:18:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show-hide-1.0-2b8cfc35ab-rev.js Show response
www.zdnet.com/a/fly/js/components/ 2 KB
833 B 7ms
6ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/show-hide-1.0-2b8cfc35ab-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1a703d617fb31d56238372d5bf78e9861b3a09b7447a0184bd5f1c178461ed12

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 15:23:58 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e08e91b00a3765857fb777d0d38354e1"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:27:15 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
24 KB 455ms
455ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=578340538856645&correlator=3112108989810323&eid=31060439%2C31064905%2C31065485%2C31065546%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=22309610186%2Caw-zdnet%2Cinnovation%2Csecurity%2Cransomware&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=2&adks=2034460781&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dtop%26sl%3Dmpu-plus-top%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-plus-top%257Cvguid%253D6a1cad48-bc63-437c-bfa1-a23a4181434d%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dransomware%252Cgovernment-us%252Csecurity%252Ccyber-threats%252Cservices%26tag%3Dransomware%252Cmcafee%252Cmicrosoft%252Cmalware%26mfr%3Dmcafee%252Cfbi%252Cmicrosoft%26pid%3Dlogitech-powershell%252Cmicrosoft-teams%252Cmicrosoft-windows-services%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dfbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D1%26session%3Da%26pv%3D1%26vguid%3D6a1cad48-bc63-437c-bfa1-a23a4181434d%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&sc=1&cookie_enabled=1&abxe=1&dt=1647523125873&lmt=1647523124&dlt=1647523124950&idt=824&biw=1600&bih=1200&oid=2&adxs=1050&adys=451&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=370x280&msz=370x30&fws=4&ohw=370&ga_vid=1310959143.1647523126&ga_sid=1647523126&ga_hid=706088429&ga_fc=false&btvi=0&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb3bf66a2989b47f461c2d6cc9199615e28e498240b5121ce0321ad61018afa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24874
x-xss-protection: 0
google-lineitem-id: 5893577926
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379103758
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
24 KB 364ms
363ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=578340538856645&correlator=3492977255332842&eid=31060439%2C31064905%2C31065485%2C31065546%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=22309610186%2Caw-zdnet%2Cinnovation%2Csecurity%2Cransomware&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=3&adks=1196319002&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dmiddle%26sl%3Dmpu-middle%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-middle%257Cvguid%253D6a1cad48-bc63-437c-bfa1-a23a4181434d%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dransomware%252Cgovernment-us%252Csecurity%252Ccyber-threats%252Cservices%26tag%3Dransomware%252Cmcafee%252Cmicrosoft%252Cmalware%26mfr%3Dmcafee%252Cfbi%252Cmicrosoft%26pid%3Dlogitech-powershell%252Cmicrosoft-teams%252Cmicrosoft-windows-services%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dfbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D1%26session%3Da%26pv%3D1%26vguid%3D6a1cad48-bc63-437c-bfa1-a23a4181434d%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&sc=1&cookie_enabled=1&abxe=1&dt=1647523125876&lmt=1647523124&dlt=1647523124950&idt=824&biw=1600&bih=1200&oid=2&adxs=1050&adys=1164&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=370x30&msz=370x30&fws=4&ohw=370&ga_vid=1310959143.1647523126&ga_sid=1647523126&ga_hid=706088429&ga_fc=false&btvi=0&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2b2c2165c69994b6350137afa67b92cc5ad6467e94bbb84e5c96641ee4c671c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24883
x-xss-protection: 0
google-lineitem-id: 5893577926
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379103758
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
24 KB 551ms
550ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=578340538856645&correlator=2534378543469181&eid=31060439%2C31064905%2C31065485%2C31065546%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=22309610186%2Caw-zdnet%2Cinnovation%2Csecurity%2Cransomware&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=2671195648&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dbottom%26sl%3Dmpu-bottom%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-bottom%257Cvguid%253D6a1cad48-bc63-437c-bfa1-a23a4181434d%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dransomware%252Cgovernment-us%252Csecurity%252Ccyber-threats%252Cservices%26tag%3Dransomware%252Cmcafee%252Cmicrosoft%252Cmalware%26mfr%3Dmcafee%252Cfbi%252Cmicrosoft%26pid%3Dlogitech-powershell%252Cmicrosoft-teams%252Cmicrosoft-windows-services%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dfbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D1%26session%3Da%26pv%3D1%26vguid%3D6a1cad48-bc63-437c-bfa1-a23a4181434d%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&sc=1&cookie_enabled=1&abxe=1&dt=1647523125879&lmt=1647523124&dlt=1647523124950&idt=824&biw=1600&bih=1200&oid=2&adxs=1050&adys=1481&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=370x30&fws=4&ohw=370&ga_vid=1310959143.1647523126&ga_sid=1647523126&ga_hid=706088429&ga_fc=false&btvi=1&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cf976a05632c1aefb7004168a7827c261474fdd872b776c63a9c0658c9bec4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24830
x-xss-protection: 0
google-lineitem-id: 5893577926
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379103758
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2917ms
2827ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A8C 0
0 162ms
68ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcD8pJQTkI4M1O0dSJb1AiKfw-1d6aSlQpGH0J8D0I22jRGLWTKM-IA8AaFWFtBdv4y_ZIdMl1dt_AapHbaQLjlFRbMhbRpJWKrQK05OwU0_j7SYSlG3UTyS_FAQxF6mSHR3S-V18ozKHmdgA_faLQuvAfFuArRSbLDSYx3NHu-6L7Xkq39lTGlFHK0t0SfvBwJfMKgybAmEZb2WkyMEMCq5LZkyTICUsSMjn-OxSJPjpUXdPioncljGJU8SVu96Ee65uEX7q1IRa5FvigzVt16hIpIXTEWvrvuSoErM4beo7SQsdm7bELSf2uBiUxjUj0MNtwDSa3rWnKn80gkzyADu9FwkLJhpL6hIm2DTK-Qq956dH7URwz_ns8XNLKX1Ck3TvAG3s8A6Vl72WEbyMj&sai=AMfl-YSfdIbDVG1kL63thbzIdZig8TMCsX8e5EYFWEa8Giw0xCPMPwBkC__myr9QeA-4gV2F-dLX_3fYtREwww-UPI6zDhuYa4soz71vV-gNiqp57qGtDQ0wHHaSNMek4F0&sig=Cg0ArKJSzP4Ogqi8hhepEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8A8C 106 KB
38 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 07:28:02 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A8C 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 07:28:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A8C 117 KB
36 KB 158ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 8A8C 337 KB
113 KB 19ms
19ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93b837b5caccd2e6b2c54f2899f995ae0077caafb64b2cec75dbc06347f683f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 16:50:33 GMT
server: AmazonS3
x-amz-request-id: CFRGV56QDWFA31TH
etag: "ff78300fe51089d9883077682bf5f862"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11819
accept-ranges: bytes
content-length: 114856
x-amz-id-2: qNQw/px6MsZkAwdve1wEpHGYhHGeqd+nT++9MKXNEdyIftGKjsTwcRZeCnYwBJyKAHHfe76zK+A=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame E4D8 220 KB
61 KB 139ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame E4D8 16 KB
6 KB 204ms
101ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame E4D8 96 KB
29 KB 207ms
104ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame E4D8 5 KB
2 KB 235ms
133ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame E4D8 42 KB
13 KB 236ms
134ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E4D8 8 KB
1 KB 149ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203151312/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 12:51:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 13:18:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14018444171776537548/ Frame E4D8 4 KB
4 KB 103ms
42ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14018444171776537548/downsize_200k_v1?w=195&h=102

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

260a390b3ff12aa966314aa1ef80302259adde51a65f1d90f90ba906e387d958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:18:55 GMT
x-content-type-options: nosniff
age: 518391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4139
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 17:14:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Mar 2023 13:18:55 GMT

GET
DATA 200
OK truncated
/ Frame E4D8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E4D8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E4D8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb68c8223310bfe8a802d6b8289a0d010bb49ff723ff006018cef3b7625f013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 81ms
13ms Image
image/png 3.127.86.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6NzI4eDkw&v=5&s=v31fuc0fn2s&sb=-1&h=www.zdnet.com&cb=3738635&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZOekk0ZURrdyIsIndkIjp7Im8iOjI4NzA3ODYwNzUsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.86.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-86-46.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 13:18:46 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E4D8 2 KB
2 KB 70ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 13028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E4D8 295 B
319 B 69ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 12341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:53:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E4D8 0
0 153ms
53ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXHTEQ_3cBsO735QWWb2Sn459P3U3TFumv9KyyZli5I_2dk7l8gz__7klxdRYXFfyiM0Htq7TPKTrSb01tVCjsFvg9TQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E4D8 0
0 74ms
74ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Chp5CNTUzYridNs_l-gaYs7zgC7Sm8ZlovcuI74cNltPLeRABIPe7x4MBYJXikIKgB6ABlZu0jgPIAQngAgCoAwHIAwqqBMgCT9D45biWbdbLyuyVKLDJ2EUiMyGNm1egxiMMz3bYlPGtr9HoLqZKmeYGlLoAUr_183tbKP8QUzBiQ_Fuw2VDwPBk0VARUDoYMo4zkBvnyPks4ofVnnizeW_TB_2Q8dJFGtQsSzo7fS19jfbTcUj9eMQjK-j20OSspVFYd8BDb9CY5MIj7WJa_-qebiCaL86fM_z4LCtUmzvXiHtCuFKPlovfDWX4mdpanDvulJL8dIBRV3GnerZX2DDWJo3IisqIJ2plQckZv-ixdqkEWCuhBoxIGKFJcKkrWc_0H5ctdcTiRzw-3opfRM6K14tBeoaUmC4L-uOrwJhPmLIfm0MD4cnbBCNtEja-oe5ar8WsIk3dYGkt2LamOOnnyoQw1jDaePgYMyViA2V4nDe7KiX28roVou5ziCNYTQCeJbyAoNyoniZVbcj-jMAEjYHk3rMD4AQBkgUECAQYAZIFBAgFGASgBi6AB9Pky3GoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIlQbSCAkIiOGAEBABGB2ACgPICwG4E4gn2BMNiBQC0BUBmBYBgBcBshceChwIABIUcHViLTg4MjAzNjI2MDU3MTExOTYYyZt6&sigh=-08ih_oiIIU&uach_m=[UACH]&template_id=5000
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
23ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=innovation&zMoatAdUnit3=security&zMoatAdUnit4=ransomware&wf=1&ra=3&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647523125661&de=61221676265&rx=77103419045&m=0&ar=16e2d13da31-clean&iw=a35564b&q=3&cb=0&cu=1647523125661&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=aw-zdnet&bd=ransomware&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&pe=1%3A1357%3A1357%3A1435%3A1303&jk=-1&jm=-1&fs=197504&na=503573258&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E3E 0
0 117ms
66ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6oESM8WXWkMoWnaK02j-oj5SSiVV3Tvs-VYFvKeK7kZoauZrDzbu9TBtraLnskx3UhZgUqZSU6hFIlDUbVpUEoG4622LcXsUBQri4EN16_FXnUDBvxWuDlTw46Bx77J_vdGG1e0SE_XFZTAJzO-j7gdbWpGxVTROgUZ_R0OiIdd2djhqCsp6lRb-3t_yS--tj74bMD9A2CM6XDq9oAPWuwUdERermb-GVKCxdlX6MOcOycsv26iRQEdhlFOROVmjrM3pMa2XxJaGkcxaaKtiYhZ6W05bCgYrWgRUhVlxxPwsFtezkbJWx_H8BH3bu0LAtyDg0wrPsC1AB5dhGPCaH8cOwd-rHiT5rAGxFV-tgk4wuhj0l-3w6x9I86WMlQg78qgf70KaeRh8ZbvxpwKXY&sai=AMfl-YQLAU8AOaZqju8f7kLKAZsHAzSvzt8OV0ZC0kY7soTXxBw0RBoZO4CD8kRf1kjY91NBXElWt_-17IujhT-GKO1KNnkHhLoV_bIoYLcThDn3_jYeoTvomUcYHVeTyfg&sig=Cg0ArKJSzBu7eR35spt4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0E3E 106 KB
37 KB 102ms
54ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 07:28:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E3E 41 KB
15 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 07:28:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E3E 117 KB
36 KB 120ms
72ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 0E3E 337 KB
113 KB 29ms
24ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93b837b5caccd2e6b2c54f2899f995ae0077caafb64b2cec75dbc06347f683f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 16:50:33 GMT
server: AmazonS3
x-amz-request-id: CFRGV56QDWFA31TH
etag: "ff78300fe51089d9883077682bf5f862"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11819
accept-ranges: bytes
content-length: 114856
x-amz-id-2: qNQw/px6MsZkAwdve1wEpHGYhHGeqd+nT++9MKXNEdyIftGKjsTwcRZeCnYwBJyKAHHfe76zK+A=

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4DF5 0
0 81ms
68ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGHBzrCkayFye_90mGszE7OitZf43AT-mukfuQhrjnttCpmIt7Ei73azVbkG0696Kl9AbXfGt49UkdLcnJB_HRy9qUl-X0_awIjUU1ILuonDOz1Vj9eYcg8PvxGftSfflMaN-f_mLfMdQ5MT_nkfySL7yadHfTp6HzNgE7n94xBcOXnHSD7Qf__JjmzyKkzHls94ifc9Wc8fMukYTHMcfcqczFAv99YRDyp7uWblqILsptBs8lML2dHvKgryFoPFSuTxfMBlTHqCQwBUTH_opo-2-bvIvOmEl8RZXQfUKwhju0O_v8xCaAf7hG9kF7zSQHSdkdVecrYCOoSv3HirtPYep4QFjeuvjGqW0V4QdzTKTioQLlozaT7HecOKeR_oUHHE31qITtzz3vV_47Vjvs&sai=AMfl-YSQ89lmqf4P6WcQCefA_GV2W1-RlLu2Klr2l4QcaiHwfqsAT_VuEnj0vGOKJ22KUO_Y3KgtFsvXbtfOM0cDbYU5oBCTb1qNLVmVu6Twc-yVgSfjkEK-dQf2nV576XtH&sig=Cg0ArKJSzB92Qb6whaQdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4DF5 106 KB
37 KB 67ms
53ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 07:28:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DF5 41 KB
15 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 07:28:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DF5 117 KB
36 KB 67ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 4DF5 337 KB
113 KB 21ms
20ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93b837b5caccd2e6b2c54f2899f995ae0077caafb64b2cec75dbc06347f683f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 16:50:33 GMT
server: AmazonS3
x-amz-request-id: CFRGV56QDWFA31TH
etag: "ff78300fe51089d9883077682bf5f862"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11819
accept-ranges: bytes
content-length: 114856
x-amz-id-2: qNQw/px6MsZkAwdve1wEpHGYhHGeqd+nT++9MKXNEdyIftGKjsTwcRZeCnYwBJyKAHHfe76zK+A=

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D44 22 KB
8 KB 49ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 07:28:30 GMT
expires: Fri, 17 Mar 2023 07:28:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 21016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/goodway341003946512/ Frame 8A8C 311 KB
105 KB 63ms
62ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/goodway341003946512/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d209cec324d28bdf4a16559aca223302940ab469d498e6cd779bf54a6ed68d4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:50 GMT
server: AmazonS3
x-amz-request-id: AZVVBHTQ2J723V9N
etag: "b41f91a2e847828b94aa1650f7e093cc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13184
accept-ranges: bytes
content-length: 106617
x-amz-id-2: xJ50NvQ7KK9+KZ1TiClkv+t78JFHcy2r8FyZy+dKO+4Zxa9blTT1hSgMLenzyhBguvpPvPBPGtE=

GET
H3 200 index.html Show response
s0.2mdn.net/11581985/1642457886415/ Frame CFFB 89 KB
20 KB 109ms
39ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11581985/1642457886415/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eab6abdfbfa59c9264ec494a44f981a2f9bda1806436dda3ebb6c88d8281941e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 19964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 16:29:03 GMT
expires: Thu, 17 Mar 2022 16:29:03 GMT
cache-control: public, max-age=86400
last-modified: Mon, 17 Jan 2022 22:18:06 GMT
content-type: text/html
age: 74983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A8C 0
0 69ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0bxwWnV7rGXGYnBLbYDZBNHwqibzpxowW7Eq5sPbQmG98wddv5uGaCsWAv0V_AwnkU7v1dlT8GyJpjFrslBgv_vZoQe6MpbE6HPwZETZb4f1iOMO4Sll1518jhlEFdho7oHzroQMd5BayKrdaoQQt2eceEMNJLA1XRilynUDIKZ03-xzStfIIZNmoVgDpDPKZ-plxrXIItaNZXZpSl9F50UzIuGqm97CB3QhQAshUxvk07uPNNm7k0Y08WoqFbtjGtSB6Po6RxIC04Gka_UoDz7USWN3P5LjgJv0X48wBOwhWQeh6DuVqs7INS8uhWnPF-49wvqhUkKQiHxj-fgiJHRvSROLD4m5_EQ&sai=AMfl-YSTZVf_jeTVSqrwhGNpjXnr9Ut6S4OxkqWU3vD3I4YM5C8vKbp5SBwHoGheXEZLKPOUphcTiKPsSfQT7wbn56OMFXddBAKGylsH4anCbnBAcsjvqjixY5sH0ErG8rw&sig=Cg0ArKJSzOIcZcDI40DgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
DATA 200
OK truncated
/ Frame 8A8C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 203286b4965ebfde9cbe21580acd47c6ef618e5da9020dbf3f35afad9cb525b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126567&de=153988617660&m=0&ar=16e2d13da31-clean&iw=5731c4c&q=7&cb=0&ym=0&cu=1647523126567&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197504&na=562254653&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame E4D8 28 KB
28 KB 133ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 138669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:47:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0115 22 KB
8 KB 43ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 07:28:30 GMT
expires: Fri, 17 Mar 2023 07:28:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 21016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4DF5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bf284293069800466600763a5c6207d850f8a42fe4328949ca9a6f83ed2a805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E3E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84657ad54ae714e59f44450153cec28117127a69c5fe894ca1707f3458854c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
24ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126680&de=416789415652&m=0&ar=16e2d13da31-clean&iw=5731c4c&q=11&cb=0&ym=0&cu=1647523126680&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-bottom%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197504&na=2100951954&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9C7 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 07:28:30 GMT
expires: Fri, 17 Mar 2023 07:28:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 21016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/goodway341003946512/ Frame 4DF5 311 KB
105 KB 21ms
20ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/goodway341003946512/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d209cec324d28bdf4a16559aca223302940ab469d498e6cd779bf54a6ed68d4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:50 GMT
server: AmazonS3
x-amz-request-id: AZVVBHTQ2J723V9N
etag: "b41f91a2e847828b94aa1650f7e093cc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13184
accept-ranges: bytes
content-length: 106617
x-amz-id-2: xJ50NvQ7KK9+KZ1TiClkv+t78JFHcy2r8FyZy+dKO+4Zxa9blTT1hSgMLenzyhBguvpPvPBPGtE=

GET
H3 200 index.html Show response
s0.2mdn.net/11581985/1642030774101/ Frame 8845 110 KB
22 KB 38ms
38ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11581985/1642030774101/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 22780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 04:10:51 GMT
expires: Fri, 18 Mar 2022 04:10:51 GMT
cache-control: public, max-age=86400
age: 32875
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/goodway341003946512/ Frame 0E3E 311 KB
105 KB 21ms
21ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/goodway341003946512/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d209cec324d28bdf4a16559aca223302940ab469d498e6cd779bf54a6ed68d4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:46 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:50 GMT
server: AmazonS3
x-amz-request-id: AZVVBHTQ2J723V9N
etag: "b41f91a2e847828b94aa1650f7e093cc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13184
accept-ranges: bytes
content-length: 106617
x-amz-id-2: xJ50NvQ7KK9+KZ1TiClkv+t78JFHcy2r8FyZy+dKO+4Zxa9blTT1hSgMLenzyhBguvpPvPBPGtE=

GET
H3 200 index.html Show response
s0.2mdn.net/11581985/1642030774101/ Frame 9701 110 KB
22 KB 44ms
44ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11581985/1642030774101/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 22780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 04:10:51 GMT
expires: Fri, 18 Mar 2022 04:10:51 GMT
cache-control: public, max-age=86400
age: 32875
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame CFFB 2 KB
411 B 92ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Hat+Display:700,500,regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

384a9d0be75a1b08b284181098a5ba0d0ca78edf203d27089ff5f568d4d3500f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 12:59:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 13:18:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame CFFB 29 KB
10 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642457886415/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 12:53:13 GMT

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D44 36 KB
14 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:14:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126739&de=436862195905&m=0&ar=16e2d13da31-clean&iw=5731c4c&q=15&cb=0&ym=0&cu=1647523126739&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197504&na=1043125969&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8845 1 KB
400 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 13:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 13:18:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8845 29 KB
10 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 12:53:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9701 1 KB
400 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 12:29:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 13:18:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 13:18:46 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9701 29 KB
10 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 12:53:13 GMT

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0115 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:14:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126795&de=426637486298&m=0&ar=359f21c1e97-clean&iw=398c506&q=18&cb=0&ym=0&cu=1647523126795&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11581985%3A27087047%3A518143862%3A164881919&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=7628188&bd=326145738&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&jm=-1&fs=197273&na=148209063&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame CFFB 29 KB
29 KB 85ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:700,500,regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:09:58 GMT
x-content-type-options: nosniff
age: 40129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29592
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:41:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 02:09:58 GMT

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame D9C7 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:14:03 GMT

GET
H3 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame 8845 29 KB
29 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:09:58 GMT
x-content-type-options: nosniff
age: 40129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29592
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:41:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 02:09:58 GMT

GET
H3 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame 9701 29 KB
29 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:09:58 GMT
x-content-type-options: nosniff
age: 40129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29592
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:41:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 02:09:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
40ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642457886415%2Findex.html&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126795&de=426637486298&cu=1647523126795&m=30&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=14&vx=14%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=14&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164881919&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=22654198&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 300x250-DataPool-Building.png
s0.2mdn.net/11581985/1642457886415/ Frame CFFB 14 KB
14 KB 38ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642457886415/300x250-DataPool-Building.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eed19a0bd8e74462c31d45f36e5e2c02b9b5761366794ed470c6b88af65255e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642457886415/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 17:56:33 GMT
x-content-type-options: nosniff
age: 69734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14313
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 17:56:33 GMT

GET
H3 200 Trellix-Logo.png
s0.2mdn.net/11581985/1642457886415/ Frame CFFB 5 KB
5 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642457886415/Trellix-Logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8ef896304d0e442fe424594c6d047347ea9a553e733507f101952e15c7f41f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642457886415/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:10:02 GMT
x-content-type-options: nosniff
age: 65325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5281
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 19:10:02 GMT

GET
H3 200 300x250-Building-bkgd.jpg
s0.2mdn.net/11581985/1642457886415/ Frame CFFB 31 KB
31 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642457886415/300x250-Building-bkgd.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da390f9e1d66d7746b1bc4c562f7b90ca2199d99b905412eeb0d303d41982694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642457886415/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 17:56:33 GMT
x-content-type-options: nosniff
age: 69734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32031
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 17:56:33 GMT

GET
H3 200 300x250-skyscraper-sunrise.jpg
s0.2mdn.net/11581985/1642457886415/ Frame CFFB 47 KB
47 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642457886415/300x250-skyscraper-sunrise.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642457886415/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfd63a7a6f41659f23d2e7eab923fec7ee42915842ff5bc26610db12239cced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642457886415/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:55:55 GMT
x-content-type-options: nosniff
age: 33772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48513
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 03:55:55 GMT

GET
H3 200 Trellix_LOGO_F_BW_White.png
s0.2mdn.net/11581985/1642030774101/ Frame 8845 6 KB
6 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Trellix_LOGO_F_BW_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:56:11 GMT
x-content-type-options: nosniff
age: 33756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 03:56:11 GMT

GET
H3 200 Gradient-Pool-01.svg
s0.2mdn.net/11581985/1642030774101/ Frame 8845 61 KB
23 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-Pool-01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23893
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 04:10:52 GMT

GET
H3 200 Gradient-bg.jpg
s0.2mdn.net/11581985/1642030774101/ Frame 8845 18 KB
18 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:56:11 GMT
x-content-type-options: nosniff
age: 33756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 03:56:11 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 55ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126567&r=153988617660&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 56ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126567&r=153988617660&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E3E 0
0 68ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhcW4B878tkoCWzQJArlpuoaEGH4BXdCTq202Ktf850z3GaKp06hzn7hMYnHh77816iOQkpg8Ba4zWyXFlwBT8kQf4uAJgGJVS7U-msKn1Uep-FkKoi1r4WxjRE0hAvMPTZ6FASLzfRyGchMRV1WbcACXe9_NefQ0Z-48Ql_xWlGoYBcavkGl68AWWzNrl6mjmZnYJd3o6gzzOxIN-9TNGs9Cr9fHcuS1bmjJjhQi0NiTlQzu3ObAZhsrbz0nQNudG4PxBsDveeenT0zEcWUcc-1XUln5pkEFLGpQviXSqIId6aoqQhJRPdFLmG3mzx79DrnW7j-cq4RelMZtkTC7Tu-8azbm4KagdiQ&sai=AMfl-YQYcAdYhAdiihysxaTN9bu6HPxOaUUrVY-TM9pGBzwBFHWjhYvroxwUnCE0R2W4MgnJrT5_RxWaxQckkWzHGdF3AIOMl8iOx5IHGx0NA2xrDxmQh-Z7lQWRthqRE3U&sig=Cg0ArKJSzB75vF2KgwBOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 Trellix_LOGO_F_BW_White.png
s0.2mdn.net/11581985/1642030774101/ Frame 9701 6 KB
6 KB 39ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Trellix_LOGO_F_BW_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:56:11 GMT
x-content-type-options: nosniff
age: 33756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 03:56:11 GMT

GET
H3 200 Gradient-Pool-01.svg
s0.2mdn.net/11581985/1642030774101/ Frame 9701 61 KB
23 KB 44ms
43ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-Pool-01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23893
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 04:10:52 GMT

GET
H3 200 Gradient-bg.jpg
s0.2mdn.net/11581985/1642030774101/ Frame 9701 18 KB
18 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:56:11 GMT
x-content-type-options: nosniff
age: 33756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 03:56:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126957&de=931741957814&m=0&ar=359f21c1e97-clean&iw=398c506&q=21&cb=0&ym=0&cu=1647523126957&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11581985%3A27087047%3A518143862%3A164679749&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=7628188&bd=326145738&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&jm=-1&fs=197273&na=1197122841&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 23ms
18ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=58&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126680&r=416789415652&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 21ms
20ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=58&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126680&r=416789415652&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DF5 0
0 64ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO0nPu_JVyfChFY6X_W-cmyLBj39rM4cYrOOOZNiTcXsQlLD1MlmutAjHjfWCVEsvDtl3cOdIavux6JnKuiAqwFQEHZIB1WftAmKIQEMD8-lUVaRJoZQNwvILtRIZBSjwXdDt6EhvDmAhXGWe4IacfPTBXleKAFdDJsJkDf-0dN1OaRm2j_xlE8zCfjT-ZO5uoKxlha28pYI-TJ4KPq33IuGmUUQZGrl2QMTh_wInxw2mHXUb-seMxqawwHCO__87h-36Mx-h8mHm0sAOpgOCehl1l8KI3O31TVC98e9VjDzbhiEI6jmLqBXDfPGTy2v-BV9f2JDGgqfihfAAYHVNO8OxbM3fs_18UWg&sai=AMfl-YTWtxSAaCPTZsim9YyAkyGYK7OYSBfzzUWml7v7q4bNHUUc9T0VJCtHK2pHEdnuucONuXcJ_hbgLH20U_ihW8RLYe-MYzum6fZDBFVsHsCYS2pF2miJ0OX8VPOa5J0V&sig=Cg0ArKJSzOQ-1RS4ebrFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 26ms
25ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=30&fi=1&apd=60&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126739&r=436862195905&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 27ms
26ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=30&fi=1&apd=60&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126739&r=436862195905&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 28ms
27ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=30&fi=1&apd=60&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126739&r=436862195905&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 24ms
23ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=235&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126567&r=153988617660&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126957&de=931741957814&cu=1647523126957&m=7&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=467579667&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647523126966&de=216867567330&m=0&ar=359f21c1e97-clean&iw=398c506&q=24&cb=0&ym=0&cu=1647523126966&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11581985%3A27087047%3A518143862%3A164679749&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&bo=7628188&bd=326145738&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1357%3A1357%3A1435%3A1303&jm=-1&fs=197273&na=484620287&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 20ms
20ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=216&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126680&r=416789415652&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 26ms
25ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=192&fi=1&apd=222&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126739&r=436862195905&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=6&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1926563735&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D44 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1zh8NTUzYrf7N87ygAeUzoYoAAAAADgB4AQC&bg=!Xl2lXRnNAAba2mK92to7ACkAdvg8WuIbVr19-faRYr0P-bWfl0lpZhI3p36PYOJtmlaJK91lo__P_gIAAAGYUgAAAAJoAQeZAuzTybYxRnJ22rSTSlcIVTHz-Mwct0oGv5DxSiet0-G29_uI_FAWaF0JKdYO9LXwwug6bybZ4zHVV9TGjLwUwhgQfgqE72MdmcO_n7eBbHMJPpcAg7DypoyaHP7UgUePxw8xgW_2x4Aap57IGvS2alU0taLfVMDBKqOJHsX6nF5NYTtsgsQwFWc97J_jQVINa4E9jnp1MAI9AN3JqF1am_XCsye2xXPaXazGdn68wO_xxREdqfnlz0q7OIk-6itNBzTrYDQVcypKn47n_-Ifkw5mlamTxKTbA9ltdUs3DSvZheNmeMABT-AHOctnROFWfiPFbwJFGpJzhHQNHHwW_B8_-IK_E0hRpJR57EoIfwQxjgS0dXAMs9O5aHugVEq_jjgWlL80i15Cb3dBeADnDw7A5aNBPvvjJK_324LnPxOAA8ctcNVQh0YXsXX-T6NNEuxxGrkZqKNKBLFbNX3XVJPuO2pSFSVV_vufy-zxcruRJNZ-pKY-tErB2iCw1fuK9dBRz6Vv-gVv7o7KSWinXi9vB-FioeEWd4ZF-nMccImPLWuo0ipnrHlvzrM3wWqso4Qf5sMfRqno_0TrNHBsKE68KuFnKd9AS0qkZVHcVcxi_EP4Z3Lht9OK9J-qeYt98goNEPOLPmoQ5I0FsrO_cZKb2ahzaXHJRHzFE9FQ1zHfpjYXm6Uwp9vLQMyTzLL5vJCCa1UQFIxy9Dl6X4vagUasxjHDO22khZ515TD4os7EXWT8tcnFSopb0XPqa0kGjAgFE64V1xUlN3WzYnBv7tm6SZHtIGVdFHWFipHZDbd3No9P-FF2hFgLjzvc8__zvyESbsX-HpqEFKT3U_zn8eitaNb75RcVA4z4Z7T4ERTmt_OqsZUvtjsip8iAPllGSjJXntvUFd7Qz8zLMF0Jl6AgWnGhXm0TSygucU8CdpCB7YzQkugdEGfQk3ROM3jom-CmaKSIKRvT5emWQkcIka5HXKvaSgtbl40x7j5F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0115 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOtuRNTUzYqHbN5fb7gO9qZ3wDQAAAAA4AeAEAg&bg=!IyClIGTNAAba2mK92to7ACkAdvg8Wiub2gSguEjiJrpJjWblQD1JGYqj72aGyIKB39U31Ncp5KoH3QIAAAFaUgAAAAJoAQcKAK78bHOGF3WsFLe424TRybBOVfeStbOHrW_4W79HR51czR8aOnUlxJ6dOVt5ahCrcN9oMhyOLrC8a3PWY9itSNa3uuvEOfUd9ADXTlVFpcPBujbMT1lGngIWmi3xgbQuxgu8Ytg_cVipptSuu72gJQO9gmJrToPOMb3-7cmJWdwVVg3hNuVR7dVxx8vedh9meilWpCn2iy5pAZX9IE7yj-2GMYxXZ7CVKWeFiig0ZWGZAuJMRhCIMDNzfzmuVWHpo4kSpTk4aIICPXwIQT7OM5RKFAF4JUywCiuCzh8vWzmRKUQkqjZO7DdI9EbLzUfn8vEF4lXDDAdTS_xUFjKClnN_7TXxBAQAZC0EodNLpHQkaAye5WwfNj0rBNuKmkQprc_12jvaF0b_URQ_aFEn6teN2_q25sjQR1sUFqfV8E9YsQjDQPuuWO2ykpCJPtB7wIljDSRyAhO8do-YZTZWy6EETWdNaQAM_krF18TTIMoSd0EpZpEDu40mlizEI_X-cxUl8PXSixqNsLCRJtf7FeDepfoICcyWSKm8EUgzYU9g5ripwslrB96H4uXzlSOpyZWvlq0vU5sNoFrHesBV4nFqKBrDeikzMEH-EPq_MZ0xnsjOnNJufkHmG87dnZpqPTNz_Pq_y3Le1NRXqcoizRjAdLy_Owvscwg2spQAcBdshw_UHns0ZU8Hl8iv52t3ZwrCD0Oyh_79lDN5M5zmXwbMC1JGTwduF0paPrxMukQuiVt3wzvMtyW3QSnzXkylq4_Wx6lzzIdvbcNE9hm1C34xqSJ33MGCbgsmzqI7uuMG-DjM6wmgHFMR4SFein4DdHiUG56bf_wCHyox_ZJex1pd3gaJmi5Z_1WLLrLzyrPngOsHKiboDmThzD20NlFYvgywShB5s4Dg6PAFoKRD5LNPYGzx8aSofDDVVRErOgr2Aucj0_sUpsoiFWHInEMkLFIPdJhBKRCaSt7hGQTgJ78BpW7wfLct1MqnrTch3y7GI95_cu3pzTLA7nEhdccLJ4tBtVmWg0iuyybTfygvrf0Li6dUBjl0NZjrsMe8DmNjgTmXQ2Z6x0Nkbm_mN176hqMtH5jkqdmQc229TD8JRZ2W0penqG9aNO9ZmGOm0gZ7k4BI0r07gwnAPY_LSFVvIDEhOOb17fOOsfqGZCYWzDroCclTa7vfKgb8iyMuko48RsiF5TRmnqLqpRa4LhUz4mTD5ls

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
30ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642457886415%2Findex.html&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126567&de=153988617660&cu=1647523126567&m=587&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=46&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=14&vx=14%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=14&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=83&cd=0&ah=83&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=709046066&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

POST
H/1.1 204
No Content /
02179916.akstat.io/ 0
354 B 40ms
26ms Ping
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179916.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 13:18:47 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9C7 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvHTJNTUzYrXfN8G_gQfS5qioAQAAAAA4AeAEAg&bg=!dnWldTHNAAba2mK92to7ACkAdvg8Wty7Lg5W5IYRz-M3DVqNzXr8eWbqpZ50tSNjOccz_AqoZ0A0fgIAAAF9UgAAAAFoAQcKAAb7DZIK1g-ZAwH6GDdQTRy7J50YQwLFWIjT6_xCCmh6_6Yv4WEntyMd0f_N0TXiMF7sM0s5govxNOMGv9xyBy2uGK8MwXODMj6KGBxJuSQagWtH-Bok4TfsDKPJ2h8HcdLfRQt6vDwNWks4EHGMapnLoybjz7WVS7SDKtuMXG0RvTfPhkVqeWR3yO6_Fof5hkAj6qS0_EBsRW6kk7bjfUHgBkwXt5dEPp0NU-3ZMvfSJ5DBgbGR8NjcziGfKwTGbXujaxGFLsWhQUpYFaPuIlFxJJAGAPwGnGEb-tMZBkRril13zeXQwGcPb5Xy6-AD0weh6ye6zV5DlgdGzIF_OxYx9d6zcuD8-FleOVW58D92XYQpSDDsKzS6jQpxw8N6LFmiMOl8VnkLxMrHnAf0AqsVvSQHhU5oMHo9RyWRjrSSY9-U3JAFp6xMY-BKLAgQNBD0khFTIpy3zqkKKwDqQNySxRrU6E7-OxplBhyYzhVKk1BpoiC2yqoRyvEXwTz6S4KTqCYYUS2dtwRA5STu1ophDdacCaAnCBpq62VF7sYrvn98QHJCIcRfe-IKzULZrPwyRzCqtQ9KdUqsS5oQZtTDzjQJ_QvA36zfxb5Opp8vPdmLyTUUbZDhbo3_z1eXnaptcG2loZZcHD6UQ_NHhsgnkq3gSodhWTfG98KUdw62GRYGyCRNMClGbdM2IUvdn7jKiXphiWVDNEMGv0pwT2Z0uWhy9TceGtMLhBfQks-I8q8YhNrVchm-bN0_b6OkmEyadAcKfdr7cg-XghGLoEHjiWIYVw9vgHt8PeFrDxjgNr0GM_UQ-osdfyzFDDI4BJT1K0JVVTLyPP0-YjY8j7hFfv9YZE_kuowpis1JKPgaEIUkJeo3YJou62Er7T_dRd3A2PEsobniX9NhtkcKQCoFbu12gYcv3ZmbqbhnssCeB1URXCy-tGBoVzhDVPlpwTRsyvcqGqnbdIUFdvZNoowuJFusYj9Rdb1y8nrbly5r3jGetpQMLgEzr4aBFGm6CBxsa4nzfUfYWLK0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126680&de=416789415652&cu=1647523126680&m=552&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=80&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=58&cd=0&ah=58&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-bottom%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-bottom&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-bottom&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=947388525&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 50ms
50ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126739&de=436862195905&cu=1647523126739&m=549&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=33&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=30&an=0&gf=30&gg=0&ix=30&ic=30&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=30&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=0&ah=60&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=1651349880&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:47 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E4D8 42 B
64 B 69ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo9EG4bChvCVrR5NCNshvZgBYOmaUVpXvJz-iiq0DDao3SmFg5TGSQ5dj5UeVxiFNM08cUYDl58pG74HY9KJA-cU_1Qt2zTzqXwJ10tZgbL4jG1RNXmaxG-NDBQ-d2DA-KN23eHydvGFg-&sai=AMfl-YRL6j__Cp8GiUlARGLZ4gQbeU5GPU42gsKxib-6BwuefszAAYZzK4iCC_eBSGCpuCZ9_PenCp33msDRLZBlPy-0eDXb331UqpZju3yCaT9_Dqacn5hdrzcGxBF5xgc&sig=Cg0ArKJSzDGPRSpifc1sEAE&id=ampim&o=436,5&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=609&tls=1609&g=100&h=100&tt=1609&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2864335881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=1078&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1073&an=1&gi=1&gf=1073&gg=1&ix=1073&ic=1073&ez=1&ck=1073&kw=874&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1073&bx=1&ci=1073&jz=874&dj=1&aa=0&ad=955&cn=0&gk=955&gl=0&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=874&cd=2&ah=874&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=48955015&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=1079&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1073&an=1073&gi=1&gf=1073&gg=1073&ix=1073&ic=1073&ez=1&ck=1073&kw=874&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1073&bx=1073&ci=1073&jz=874&dj=1&aa=0&ad=955&cn=955&gk=955&gl=955&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=874&cd=874&ah=874&am=874&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1213906432&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=1080&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1073&an=1073&gi=1&gf=1073&gg=1073&ix=1073&ic=1073&ez=1&ck=1073&kw=874&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1073&bx=1073&ci=1073&jz=874&dj=1&aa=0&ad=955&cn=955&gk=955&gl=955&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=874&cd=874&ah=874&am=874&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=144993015&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E3E 42 B
64 B 109ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNhJQAXEy9KoX7hJvAsWDRCcf2nOc4f4SbMnRWyOuX4r3PG4Pu5Qc3CVIQ-VbecoJslC4Ws-7441pKKEaN6GmYcZQoMDrSzan3fOEooN2Bl25yFx6bW9Ebwv1BvQkcdQPJdcDInxv2ld9D52937YMHysuMl1wSlf9Itqw1of1U&sig=Cg0ArKJSzPjx9vuUl2GDEAE&id=lidar2&mcvt=1001&p=451,1050,701,1350&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2034460781&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647523126444&rpt=722&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=1281&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1276&an=1073&gi=1&gf=1276&gg=1073&ix=1276&ic=1276&ez=1&ck=1073&kw=874&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1276&bx=1073&ci=1073&jz=874&dj=1&aa=1&ad=1158&cn=955&gn=1&gk=1158&gl=955&ik=1158&co=1158&cp=1074&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1074&cd=874&ah=1074&am=874&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1041737591&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
34ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126739&de=436862195905&cu=1647523126739&m=1717&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=33&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1200&an=30&gi=1&gf=1200&gg=30&ix=1200&ic=1200&ez=1&ck=1200&kw=1029&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1200&bx=30&ci=1200&jz=1029&dj=1&aa=1&ad=1089&cn=0&gn=1&gk=1089&gl=0&ik=1089&co=1089&cp=1029&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1029&cd=60&ah=1029&am=60&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=1181900505&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 38ms
37ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1029&tet=1200&fi=1&apd=1230&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22364980500&ord=1647523126739&r=436862195905&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126739&de=436862195905&cu=1647523126739&m=1719&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=33&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1200&an=1200&gi=1&gf=1200&gg=1200&ix=1200&ic=1200&ez=1&ck=1200&kw=1029&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1200&bx=1200&ci=1200&jz=1029&dj=1&aa=1&ad=1089&cn=1089&gn=1&gk=1089&gl=1089&ik=1089&co=1089&cp=1029&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1029&cd=1029&ah=1029&am=1029&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=618079259&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126739&de=436862195905&cu=1647523126739&m=1720&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=33&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=1200&an=1200&gi=1&gf=1200&gg=1200&ix=1200&ic=1200&ez=1&ck=1200&kw=1029&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1200&bx=1200&ci=1200&jz=1029&dj=1&aa=1&ad=1089&cn=1089&gn=1&gk=1089&gl=1089&ik=1089&co=1089&cp=1029&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1029&cd=1029&ah=1029&am=1029&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=1518525456&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AF7 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 13:05:00 GMT
expires: Fri, 17 Mar 2023 13:05:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C28 783 B
534 B 99ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

566bb34964e06f2bc75ee9d6097ac23df702b741f7d25ae5d99ed0bdcba8a03d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t+bhR8JRQ/9JmnVBwxJPSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Mar 2022 13:18:49 GMT
date: Thu, 17 Mar 2022 13:18:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-t+bhR8JRQ/9JmnVBwxJPSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AF7 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C28 0
0 93ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=578340538856645&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8AF7 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_KJnKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:18:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=578340538856645&bg=!CAulC0_NAAba2mK92to7ACkAdvg8WnTu1v6_fA6X8_zf-Vt0XBo2EcfVv5lHv6Mj1kvU6hoFuzv0rgIAAACEUgAAAAJoAQeZAurnh18tieEA13LMXvf-TGZyGgUQRBpIjBlosQt9EwnqfCwKq33FdCMwEybVZ_rE0LdGnGEkfrObeypqzucbb6wkv0pyp_PUOQNflC3PonlRZkbj-T2ANoqKuzknmqJw8DmWO65cHZ-BuyOzSbr4-eLEic_0gZG1f2Fl4V8AtpVFfZOzgoA0QwXd6j_qXdTYXXf4wATgLowB72SVwgYfS-uVqPFue6KDaVQ0gfKv8u7sBGUF3v8FyiCbJkyUstRocTrayyb3vqseWWl4-OUIkuyCxq_nKroZIAPA9ytK9Ukh_w3eMgnob-aXDJ9h8hPM_PmBxtgih0eGSzbS6Z60fZ-ud-8k4af03S0ywoJKVASo6RoWUJK-SJ5Y7SleDmn71YiouYwkxv2GMiwenHuY68_Se1iJfcjccyQ3N9r1vF38QT2byI1DRAPjoTRC_0jvCJmTuuneJlzbsEBtaXIuJn2T95iLYd4SirXe1txQzOF34G9z7kj2zCxKykGsW5-bL6J6p7zGgZKi1a4FFMvulTbhX5-fFAQ3sd8MDHy7xPSgW5ksn9xhux20xS8VYnG8BZv3Q85SpRBIyqKNgNjDXC3tSP4YFulPrC1ogNK3hed62QhWOINFSzKeKbkBlH_Pxg-WgcDuMZh4IFMyRe9JzK87G_MFZ7A1C5D5orRAIGuMx7JTNEoAAbumz0ftyE3d0-UA5nzh8lC-bR6g84h8CGipTgPh_G1FWvOaU_-UmcGe2k5UyqAE-M76DC24S2jZZiNh6AiObBsst8PkH9T63OWjACFMe6XQJRYPXp9EoKLhBoy__DNvdQbZPHCzCl54DddOT7sH2dA07a6Ned_dQ7n95tFNL6xtQA4ITV9MOlrW_8hdS0AZZmyxUTJTA0puXHrQQRe7G0F7rdh6JxcUvU8bkERKstF43yY-FJLU5r6KqwKCKj3b426Crlbd9VB47LMChhwBVF2MR1nF2FqG4t0cdIrc5UATXDOHQw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126966&de=216867567330&cu=1647523126966&m=5114&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=5109&an=1276&gi=1&gf=5109&gg=1276&ix=5109&ic=5109&ez=1&ck=1073&kw=874&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5109&bx=1276&ci=1073&jz=874&dj=1&aa=1&ad=4991&cn=1158&gn=1&gk=4991&gl=1158&ik=4991&co=1158&cp=1074&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4910&cd=1074&ah=4910&am=1074&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1728426391&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126795&de=426637486298&cu=1647523126795&m=5319&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=14&vx=14%3A14%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=0&pg=14&pf=14&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5106&cd=8&ah=5106&am=8&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164881919&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1832764337&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126957&de=931741957814&cu=1647523126957&m=5323&ar=359f21c1e97-clean&iw=398c506&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5120&cd=2&ah=5120&am=2&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1135141972&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126739&de=436862195905&cu=1647523126739&m=5574&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=33&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=1&ag=5057&an=1200&gi=1&gf=5057&gg=1200&ix=5057&ic=5057&ez=1&ck=1200&kw=1029&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5057&bx=1200&ci=1200&jz=1029&dj=1&aa=1&ad=4946&cn=1089&gn=1&gk=4946&gl=1089&ik=4946&co=1089&cp=1029&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4878&cd=1029&ah=4878&am=1029&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=1129785091&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 32ms
32ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126567&de=153988617660&cu=1647523126567&m=5765&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=46&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=14&vx=14%3A14%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=0&pg=14&pf=14&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5068&cd=83&ah=5068&am=83&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=1516323109&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
21ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22364980500&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gmtqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&id=1&ii=4&f=0&j=&t=1647523126680&de=416789415652&cu=1647523126680&m=5751&ar=16e2d13da31-clean&iw=5731c4c&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4344&le=1&lf=0&lg=1&lh=80&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1357%3A1357%3A1435%3A1303&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5059&cd=58&ah=5059&am=58&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980500&dfp=0%2C1&la=22364980500&zMoatW=300&zMoatH=250&zMoatVGUID=6a1cad48-bc63-437c-bfa1-a23a4181434d&zMoatSN=a&zMoatSL=mpu-bottom%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-bottom&zMoatCURL=zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-bottom&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197504&na=442561466&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:18:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 17 Mar 2022 13:18:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.zdnet.com
URL: https://www.zdnet.com/service-worker.js

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations	1970-01-20 01:39:36	Name: pv Value: 1
www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22aw%22%2C%22subses%22%3A%221%22%2C%22session%22%3A%22a%22%7D
.zdnet.com/	1970-01-20 01:48:47	Name: fly_geo Value: {"countryCode": "de"}
.zdnet.com/	1970-01-20 01:48:47	Name: fly_device Value: desktop
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
www.zdnet.com/	1970-01-20 10:24:19	Name: _mfuuid_ Value: f2363dc0-a8fa-470b-a976-a38993580455
.zdnet.com/	1970-01-20 10:24:19	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Mar+17+2022+13%3A18%3A45+GMT%2B0000+(GMT)&version=6.20.0&hosts=&consentId=ee232e9d-7251-4a2f-81ea-e95bff634837&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-cuba-ransomware-hit-49-critical-infrastructure-organizations%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1bd621714afad4ac
.www.zdnet.com/	1970-01-20 19:09:55	Name: chsn_cnsnt Value: www.zdnet.com%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005
.www.zdnet.com/	1970-01-20 19:09:55	Name: tglr_tenant_id Value: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
.www.zdnet.com/	1970-01-20 01:38:44	Name: tglr_transit_id Value: c1d40ccb-6e51-4e52-b190-38b58dec3373
.www.zdnet.com/	1970-01-20 01:38:44	Name: tglr_sess_id Value: 79b8f441-c6aa-469f-a3a2-679dbf949ddf
.www.zdnet.com/	1970-01-20 19:09:55	Name: tglr_sess_count Value: 1
.www.zdnet.com/	1970-01-20 01:38:44	Name: tglr_req Value: https://www.zdnet.com/article/fbi-cuba-ransomware-hit-49-critical-infrastructure-organizations/
.www.zdnet.com/	1970-01-20 01:38:44	Name: tglr_ref Value:
.www.zdnet.com/	1970-01-20 19:09:55	Name: tglr_anon_id Value: 700e157e-c750-4597-99dc-c061f84c3e58
.zdnet.com/	1970-01-20 02:21:55	Name: arrowImp Value: true
.zdnet.com/	1970-01-20 02:21:55	Name: arrowImpCnt Value: 1
.zdnet.com/	1969-12-31 23:59:59	Name: zdnetSessionStarted Value: true
.zdnet.com/	1970-01-20 02:21:55	Name: zdnetSessionCount Value: 1
.cohesionapps.com/	1970-01-20 19:09:55	Name: cohsn_xs_id Value: 2dfe45f2-4140-46b2-bf3c-f0d1d0f24606
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 6a1cad48-bc63-437c-bfa1-a23a4181434d
.www.zdnet.com/	1970-01-20 19:09:55	Name: cohsn_xs_id Value: 2dfe45f2-4140-46b2-bf3c-f0d1d0f24606
.zdnet.com/	1969-12-31 23:59:59	Name: fly_session Value: 09a98b3deadabfc832dae081d91f9387
.doubleclick.net/	1970-01-20 11:00:19	Name: IDE Value: AHWqTUlsm0VXhmoXIrBVp7oJQ0TJ5kwlH7GoqGsgWFX_2OYIBbWDoxyeleK8dFoHKFs
.zdnet.com/	1970-01-20 11:00:19	Name: __gads Value: ID=9d699399040c965f-22f42c855fcd0024:T=1647523125:S=ALNI_MYXYtBmL08CgXTbGy0P15ajqjzG1g
.zdnet.com/	1970-01-20 01:48:47	Name: RT Value: "z=1&dm=zdnet.com&si=03c92762-152b-43c8-9222-f9168c4b9bff&ss=l0v0qa6f&sl=1&tt=1o9&bcn=%2F%2F02179916.akstat.io%2F&ld=2h3"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179916.akstat.io
3f74300a17a7c2fe26913db904f89122.safeframe.googlesyndication.com
a.myfidevs.io
adservice.google.com
at.adtech.redventures.io
bam-cell.nr-data.net
c.go-mpulse.net
cdn.ampproject.org
cdn.cohesionapps.com
cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads4.g.doubleclick.net
ingest.make.rvapps.io
js-agent.newrelic.com
mb.moatads.com
pagead2.googlesyndication.com
protected-by.clarium.io
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.myfinance.com
taggy.cohesionapps.com
tpc.googlesyndication.com
urs.zdnet.com
www.google.com
www.googletagservices.com
www.myfinance.com
www.zdnet.com
z.moatads.com
www.zdnet.com
104.108.145.172
142.250.181.226
142.250.184.226
151.101.129.194
151.101.194.137
151.101.66.154
162.247.243.146
18.66.139.69
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200a
2a02:26f0:6c00:287::11a6
2a02:26f0:ef:296::11a6
2a04:4e42:4d::666
2a06:98c1:3120::7
2a06:98c1:3121::7
3.127.86.46
3.230.129.221
34.120.203.121
34.206.125.115
52.56.234.21
54.172.4.218
01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070
01d86c856c5190bdf133e90c526b3d72fd5b2121623673105caa8cd3d55e0906
0258fc4beda23edc6aefebf079cdd6b98ffe37cde48469227e70522b719764dd
0928b9a8dbd48ce560c2c2b2d363d06ed09c268969034fe750ab54f13ccaec36
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ddfc757b968f988a5a80ec7b986d25d036078636fe587483d043d4c120d3cea
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1890aaa1d2b4409da519b9d692abc4b421f51f60583256aa6ee5d19450f8ff06
1a703d617fb31d56238372d5bf78e9861b3a09b7447a0184bd5f1c178461ed12
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
203286b4965ebfde9cbe21580acd47c6ef618e5da9020dbf3f35afad9cb525b0
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
2436be3280975bf44b35a453a4a590e93e31b6a745cb9d2912278da3ba6870a1
25c94cd4347d09bfe600df0feb45051552d4c333d8fb3cfdf4d03cd7078ee75b
25f30dba8a6198200c0bbe8080d1b9126254eb14884bb4fe48ef71775579e6d6
260a390b3ff12aa966314aa1ef80302259adde51a65f1d90f90ba906e387d958
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
2b2c2165c69994b6350137afa67b92cc5ad6467e94bbb84e5c96641ee4c671c4
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
384a9d0be75a1b08b284181098a5ba0d0ca78edf203d27089ff5f568d4d3500f
3c591927cc6254cd17a33c78e3293b8456851a88c736b300647f7d263dd31740
41b41054221f9790b0e811de4ce9cf3698de3ed02b2d6cabdfa854376a8e7f29
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
499e2ac8c3b1b39eaa429f453f8526a107ecd8ff5e092507aceb902470903736
4c3e5b57a30770f689584ac54b4457ba29fdcddb416b32297750aeb5f16d9e84
4cf19736a481384205203472948e756821cac113669617b04ec04964d5a4a10d
4eed19a0bd8e74462c31d45f36e5e2c02b9b5761366794ed470c6b88af65255e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e
566bb34964e06f2bc75ee9d6097ac23df702b741f7d25ae5d99ed0bdcba8a03d
574c07faaca1d96a147ff9b1e55962b9947819de3d2c17908e3752f75a6148fb
578db569106e9435dd6dc8222eb8b3db7cc7a506cf2cc26c24aa6cc4ec2d22e4
5bf284293069800466600763a5c6207d850f8a42fe4328949ca9a6f83ed2a805
60e0150bdef451ae1bd8cdcd88a690665acd2023101b04d6725f26cc64029f02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6717fef2469c80e90757494d78c3c422dd5651bf43dc64f072d04dfd1ee2c89d
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6ab5a5259fdfa1dae982640834b74b42942fb86f6f69a0d04e03f915cddc3b91
6beb4dc9812a37e2fcd883fe30c09400c2e4f97b81d052f0162fca58ed75fb0c
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7263125ec31b9bfb6150f5190c8e65ee1f929e3a7073d8cd09443ed1262080f2
77534605d7f4bf6131511e44b4da078721199a58ed38e00b2d26cb97fc9e4a7f
77d963af9a6fd33fd143e96de3816ebbf424ccbf5a0aced977bf4eb9b3ebb095
7abfb9bf1f6fefff44e84689a26e722ef8a8683b8645bb230f0805d23595ea37
7ae5af210b56a93bc7182e423342e6ad1f4783aa087df3d05e64e7dcee4a6678
7d4ff5770358fec54db45a8be051a96a5041e443f17fc068d1ef9fd79e0c7fab
7f1639eeb6e3eb3e2de52c35e650ac2fe53ea34ee8e8cac73807facad51e9b7f
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd
84657ad54ae714e59f44450153cec28117127a69c5fe894ca1707f3458854c5a
850953688710173a1efdc0b664106dd47122b3304c72155274f31670dc85e00c
87e4be9904c7a7dc6b6631cd87aa836df597005621d5acf4557a4bcef4f9ecf1
88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9
93b837b5caccd2e6b2c54f2899f995ae0077caafb64b2cec75dbc06347f683f0
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89fefe62a3aefdaae686026c0fe9b8f65206929032b1b905b9ddf6fac51c7c5
a9bdc047a5617c5d6d0aafa2fc46cd7499af2d4740088830c9e4da34cd0a7c30
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9
b1ec89a1c03190db8df843e1dfcfb547111c383f7c0e4c722b99491149e4dfcf
b9b3bdd62c372b0a78468fd830242e508ea16dcf217ebd4d3e5ec745da8b179e
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
c11af48ab0034b28a743e5b97fc32d2bc45de919f861807668bfb05095979840
c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2
c323155bda999f53a727824fcb71fb335b716d2e665841ba507c2b7871aa39a8
c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2
c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf976a05632c1aefb7004168a7827c261474fdd872b776c63a9c0658c9bec4ce
cf9aaf88d8d3f6de1956dee63fc5bc3b360aa205aed4969bcf2e626ca2c4afc3
d209cec324d28bdf4a16559aca223302940ab469d498e6cd779bf54a6ed68d4d
d5101dc961dd056af6aee60f24aee3d15e50f70070dec1e1c5a3d1620596b454
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d999189ef93f6fb7742da9850906afc17e49e768a8888361d709c1a4118e0148
da390f9e1d66d7746b1bc4c562f7b90ca2199d99b905412eeb0d303d41982694
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbb68c8223310bfe8a802d6b8289a0d010bb49ff723ff006018cef3b7625f013
dc17f18ab317cf950e5077f869cff1deb8e6e791dbb82236f0097545562c1ed4
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
dfd63a7a6f41659f23d2e7eab923fec7ee42915842ff5bc26610db12239cced6
e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e619528d9ab1e831a04be0f0b1d656257dd216f3ebd6faf5d088f60c8d65b9
e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816
e5f7cfcae397d7a1faf00acf6eaf4a7c4d4bb3f749d638c1e7899ef6887e9ebe
e67589ca7756914bacb5286a4dd6a50cc2303909367600604804e0c5257e546e
e9f521032c6dc2dc5e50608f589f3c35e71ff09a08b1d4df105818f034d51e41
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
eab6abdfbfa59c9264ec494a44f981a2f9bda1806436dda3ebb6c88d8281941e
eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604
eb3bf66a2989b47f461c2d6cc9199615e28e498240b5121ce0321ad61018afa1
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ed32892a0cd4873b119f3e0fc595c269e9daa40e8a00975017e717faa2ba7fd9
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f190d853631866b9d3c914e88de91b630dba243ffeff5939aa723f3929171e41
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f808f80e0a6828022228c0fcd89ff0a7338bc5f6a7ce891327f7e51bc3d46d06
f8ef896304d0e442fe424594c6d047347ea9a553e733507f101952e15c7f41f5
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ffb9240b0e50417070fca7723227fa7a4b8e9b3789f42db807d4e8fc2ec54095

www.zdnet.com Open in urlscan Pro 2a04:4e42:4d::666 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

100 %HTTPS

55 %IPv6

24 Domains

34 Subdomains

32 IPs

3 Countries

2868 kBTransfer

8248 kBSize

28 Cookies

22 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:4d::666 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

100 %
HTTPS

55 %
IPv6

24
Domains

34
Subdomains

32
IPs

3
Countries

2868 kB
Transfer

8248 kB
Size

28
Cookies

211 HTTP transactions
9 data transactions