www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150#secondary
Effective URL:
https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Submission: On December 08 via api (December 8th 2020, 1:05:04 am UTC) from DE

Summary HTTP 181 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 16 domains to perform 181 HTTP transactions. The main IP is 64.140.127.168, located in London, Canada and belongs to START-, CA. The main domain is www.itworldcanada.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 28th 2020. Valid for: 3 months.

This is the only time www.itworldcanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	64.140.127.168 64.140.127.168	40788 (START-) (START-)
3	95.100.80.173 95.100.80.173	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
11	2600:9000:206... 2600:9000:206f:1400:3:dffb:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.218.225.40 52.218.225.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
23	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
2	46.101.133.82 46.101.133.82	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	2607:f8b0:400... 2607:f8b0:4008:805::2003	15169 (GOOGLE) (GOOGLE)
4	64.140.127.151 64.140.127.151	40788 (START-) (START-)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
31	2600:1480:300... 2600:1480:3000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
4	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1 1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
181	26

30 64.140.127.168 (London, Canada)

ASN40788 (START-, CA)

www.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.80.173 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-80-173.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:206f:1400:3:dffb:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.225.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

itworldcanada.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.133.82 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4008:805::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.140.127.151 (London, Canada)

ASN40788 (START-, CA)

bb.itwc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:1480:3000:e5:: (United States)

ASN33905 (AKAMAI-AMS, EU)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	itworldcanada.com www.itworldcanada.com i.itworldcanada.com	449 KB
38	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	349 KB
27	googlesyndication.com 2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	1 MB
24	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	289 KB
10	gstatic.com csi.gstatic.com	960 B
8	googletagservices.com www.googletagservices.com	220 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	109 KB
6	google.com 1 redirects adservice.google.com www.google.com	524 B
5	iubenda.com cdn.iubenda.com www.iubenda.com hits-i.iubenda.com	103 KB
4	itwc.ca bb.itwc.ca	19 KB
4	disqus.com itworldcanada.disqus.com disqus.com	34 KB
3	disquscdn.com c.disquscdn.com	230 KB
2	google.de adservice.google.de www.google.de	910 B
2	google-analytics.com 1 redirects ssl.google-analytics.com	18 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	28 KB
1	googleapis.com ajax.googleapis.com	33 KB
181	16

	Domain	Requested by
31	pbs.twimg.com	www.itworldcanada.com
30	www.itworldcanada.com	www.itworldcanada.com
23	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.itworldcanada.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.itworldcanada.com tpc.googlesyndication.com
11	i.itworldcanada.com	www.itworldcanada.com
10	csi.gstatic.com	securepubads.g.doubleclick.net
8	www.googletagservices.com	www.itworldcanada.com securepubads.g.doubleclick.net
7	platform.twitter.com	www.itworldcanada.com platform.twitter.com
5	www.google.com	1 redirects securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	abs.twimg.com	www.itworldcanada.com
4	bb.itwc.ca	www.itworldcanada.com bb.itwc.ca ajax.googleapis.com
3	c.disquscdn.com	itworldcanada.disqus.com
2	ton.twimg.com	platform.twitter.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	disqus.com	itworldcanada.disqus.com
2	itworldcanada.disqus.com	www.itworldcanada.com
2	ssl.google-analytics.com	1 redirects www.itworldcanada.com
2	s3-us-west-2.amazonaws.com	www.itworldcanada.com
2	cdn.iubenda.com	www.itworldcanada.com cdn.iubenda.com
1	syndication.twitter.com	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	www.itworldcanada.com
1	stats.g.doubleclick.net	1 redirects
1	www.iubenda.com	cdn.iubenda.com
1	2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ajax.googleapis.com	www.itworldcanada.com
181	29

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
epubs.itworldcanada.com
www.itbusiness.ca
www.itwc.ca
www.technicity.ca
my.itworldcanada.com
www.nfn.ca
globalnews.ca
ca.linkedin.com
plus.google.com
digital.itwc.ca
lightningpr.ca
www.channeldailynews.com
www.directioninformatique.com
adclick.g.doubleclick.net
www.iubenda.com

Subject Issuer	Validity	Valid
itworldcanada.com Let's Encrypt Authority X3	`2020-10-28` - `2021-01-26`	3 months	crt.sh
www.iubenda.com DigiCert Secure Site ECC CA-1	`2020-02-18` - `2021-05-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
i.itworldcanada.com Amazon	`2020-03-11` - `2021-04-11`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-31` - `2022-01-30`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
bb.itwc.ca Let's Encrypt Authority X3	`2020-10-13` - `2021-01-11`	3 months	crt.sh
pbs.twimg.com DigiCert SHA2 High Assurance Server CA	`2020-08-05` - `2021-08-10`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Frame ID: 3C896AE00637378272784611F9B65E50
Requests: 82 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_mnkXI2MGCYL9uY5Vr6dNpX6zq4xfhPOZkm1uUf5IYDhj6KmhGsCYgdWVfles7KcGK4xBMHLPTsYjhB7GIxXZ6EDDUdDtY1CeTa6soU71KOBjZaajeuf5Ekhre1-iv5vVQbVMKqg3M_uoGflFQG5TTiaCdDpFdsSRpXkUuIfqnVtVXOxH9oQA15dV2qD2ybMaSirS6C6YcHi0KFfoeiZPHIUSe13vJnxvNZnci-CwZiifgYgM1tJ5YNphAf59Qv9gOrwJliBSaw&sai=AMfl-YRIsNJvqKacajLX9Sojz4BoyZsfCe1_0JwOmDQpk6d8FdrSAdA-TJ5uWJCVo62qC4XhFqh5LoRUTgWjVydLoCck0ngIQIlLCxe5aOC7M2JJ6LqvBRmrwhlrElqLn6fq&sig=Cg0ArKJSzGHg7ENIgKb_EAE&adurl=
Frame ID: 9FE1D933CF4A6D2E5E1440647A7BA68C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_kBcoh4Nx19umBpHRacmKZvWr1kWJVyavcmPV_yHoXxhn9YwAWHRyXcKAG0rpEoFbD6yasy4FrIz08lMKUHDm7msw9lSYfJ8olTLK4IiI6VHDXBzlDay_OaU2Hnno-OqD-aQEM0yvH2VT0bbNw81zO0BEYHyaZM14cZmQBscatkuiNmvH9jxaF8lBJfcL9tk71i5mXOIgDJDC_kA3B0TV6rOXi0ilOrE9wBFP53rQabtumtKt1jmcHf3cT2im0-cx8XzvE-POEg&sai=AMfl-YQtHMxtEuXj3aROnYVvZ0fJOwR8S2GWeHdb74LOAdjxwKN3o0eK0hbzLk9O63wHVMssUmIPTivBjdlYL7eNweDHV0I9zfomsd08FQ468-LTIDjXaOhf0vcQPT2fo2YE&sig=Cg0ArKJSzPUS-a1N7TGSEAE&adurl=
Frame ID: 6EEC209B7BA79D4CED68CC8AC92F0D33
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteeq46cbVXIOEzdkaYgapEywC0jYRq6hViZAoF6FfwHGGXwG4VywHg4jkQnT_yqWwgJuzD3kNb0PIBDcoqq5HdqCq0xmXTSqhDKohPYek4CinnBtIzocc5_fw95OukpNgd38fTCPF0k6BzCoYrwAP9o8eaYPwMK0y9sSV8Y1dPK4DMzR-xvNfW4fDD1DMGR_5ifaZ9rhGjzdVZ7pGKmNkPxYVyCMl9lfsNGRrngWEOuGYwhBh7sGG0v4SXAor2QJSAM9hqIQttfA&sai=AMfl-YT75gY5kGJPqE8zl8ru9meMPzby4YuX8wCqH2OFvu_y5mGWVlDInHk3UrYVc3QhMauiYCIdfx8vZCp2oJ00_tXmOPGgm4AV3BUq1Lep_FNALYHC8d8nmM3JbpE-HhzB&sig=Cg0ArKJSzBlU_mOFtSlHEAE&adurl=
Frame ID: 513D94ABE2976408C778170E32044F48
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7f6CASzQc36gxnxoqt0yz5KYGCaT8Ld4VtSFLWgiZHUaf33qxOke_YbgDxljeh6RfRpK0-EUzfxEKdLDSo2CKpqkuDbnj9f0pov9G3bpdVZEddQLR8pxo4IrVFkPJnqG6LmyUq6h4fvhzG984u-7Uq8kkOKRJworRcss0K9eTXEWbuw3Gj6WPSAiGo_iKBKZ4tqEXQi10QQrVKCLAM-xgLHF1yRfCelmAojyLH7uEZWmqs2CDTfhRi6Q2d4N4XoA9VBOKDez9Yw&sai=AMfl-YScuM4v2lEOOVvJvM1aY9zYDfM5hzvnyhJXrfoF2o5HpZ0is3xIF4_m1HsckL9iqBNsTVgoxTyWVj1ZeU_oXqZkB_Va_8kLVlUuN2QyI4XJzE2ud9thhqnTpXPTKtwY&sig=Cg0ArKJSzLdHNiBSipg7EAE&adurl=
Frame ID: CB298EAB7B2BAE9662D61529C1A92DD3
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9y0TCnnr3c2ttOkHyedGG6He_397Cnu2qUbR-q5IT0KMB1RhHTQel-Zxojo6sH9GgDGS2Q_Z4tb28ODNmCIx42w_PQWzSNzoFHuKrqdrLjCgiFlCDt7t9fH6LhoPa7qoHddpdzVBxpTseU_GFsgvwftg7IaHjZn7kaJq64s8vQl19gAaok6kxGFORXNb3aPS6oyg0D2JudMuBnA7wJhxnF47f9LtdB64E_etleKMG-XyrEkFE5xGt3HsZ_5ieR3t8jnXKZOhOBA&sai=AMfl-YTwUqjgwn8Yx-VttUHfUbQc6cTx_tInuf9XP6S8J-nUyu2JZnE5Pm1lF85-tunnuMNMXcNJMA9uMfyZ3zZmpKoxYwe5ysv6Z0BlccFnEoq0EfKTvlic93bKrdNhus4r&sig=Cg0ArKJSzKkDJhaVlsEPEAE&adurl=
Frame ID: 628393816FA6C833AACB41CC1DADB649
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGX5Czx4Ig28cach3O63XqOHResr2RI2TxuynAGaIxqvyyA9Lb2Wi_e882jkWP3cfG-1aXU2bIXVa7jHMrdwi_uDGaRGj49U5kbdIkeeKmsx9UvhqRE5xxHfJAisantMwo3RmiMvinDbO5IwOBS6FT1Tzmkdb5n4Kc16rp6lK3t2uXqhknxdic4SHkQfA1fOQn8-CO85i9gnY8lKZzlGXYcA6RvfXIeuiSj1V_uRkV-1VLo3tqzKkq6bltahiGm-5eSFdxUwNkKw&sai=AMfl-YRksBoM01IGjA0MscJpJeovRoqBtaHeUexoCboqaZhJnnA4wmFFxx-XnZyu8XrvC72kA9uYLEPMWE9pDCjggHuqwntsugM7mIgSAOiZ4zH6mg5ImXNiltj1urk4hqfm&sig=Cg0ArKJSzLhTAg7luLBnEAE&adurl=
Frame ID: C4AE24E64F9AF5942D1EC86DDF0CC8B6
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6AB19CAC3480C526F4A7234EC5245CB0
Requests: 4 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itworldcanada&t_i=439150%20https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2F%2F439150&t_u=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&t_e=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&t_d=%0A%0ARansomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%09&t_t=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&s_o=default
Frame ID: 0A06AA192517C4976B58B7D63080D468
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.itworldcanada.com
Frame ID: D2E589EFE13699CF9DA5740122B89994
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1335936583334318080/iz1ybA8C?format=jpg&name=144x144_2
Frame ID: 66076C4074FB2A9899886AA0C0CBF654
Requests: 44 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B336E5E1B0E1AF9E642908BD0C768B22
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 87D8F5CF09E0DB81AAEBEA78DCC08E84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

181
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

29
Subdomains

26
IPs

5
Countries

2952 kB
Transfer

5268 kB
Size

8
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/user?screen_name=itworldca
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ITWorldCa
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/itworldcanada/
Title:

Search URL Search Domain Scan URL

URL: http://epubs.itworldcanada.com/
Title: Digital Magazines

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/cmo-digital#cmo-talks-podcast
Title: CMO Talks

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/contact-us.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.technicity.ca/
Title: Technicity GTA

Search URL Search Domain Scan URL

URL: http://my.itworldcanada.com/index.php/user/register
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=HowardITWC
Title: @HowardITWC

Search URL Search Domain Scan URL

URL: https://www.nfn.ca/
Title: Nipissing First Nation

Search URL Search Domain Scan URL

URL: https://globalnews.ca/news/7499986/translink-suspicious-network-activity-update/
Title: According to Global News

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&text=Ransomware+update%3A+Documents+from+Calgary+energy+firm+released
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&t=Ransomware+update%3A+Documents+from+Calgary+energy+firm+released
Title:

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150&source=https://www.itworldcanada.com/
Title:

Search URL Search Domain Scan URL

URL: http://ca.linkedin.com/pub/howard-solomon/22/5a0/aa4
Title: Join Howard Solomon on LinkedIn

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/112118513090353224053/+ItworldcanadaITWC/posts
Title:

Search URL Search Domain Scan URL

URL: http://digital.itwc.ca/f/canadiancio
Title: CanadianCIO

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/cmo-digital
Title: CMO Digital

Search URL Search Domain Scan URL

URL: http://digital.itwc.ca/f/computer-dealer-news
Title: CDN Magazine

Search URL Search Domain Scan URL

URL: https://lightningpr.ca/
Title: LightningPR

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/
Title: ITWC.ca

Search URL Search Domain Scan URL

URL: http://www.channeldailynews.com/
Title: Channel Daily News.com

Search URL Search Domain Scan URL

URL: http://www.itbusiness.ca/
Title: IT Business.ca

Search URL Search Domain Scan URL

URL: http://www.directioninformatique.com/
Title: Direction Informatique.com

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst7GmRm7NEpRcc5xyd47zyGFmcHDzyO4HBbsffxOONIjYFvPzOutYWdvoAnxdChs-GDUZ0YR6NpBBJlyS8hvMERrunK-oLePe_BaNEe4MqsGlZ5RkIVqM5neImRLDCEL-3zX6XbUH5cK7yhQcN89L0Py4YtmhecaKIYZLHZh_r1UonLTG7gt_czN8NaO8H_dvibZM_1KKo2IXH5WkiUZZKtiKIpA3f8yjG6Lnj5ryDoBsJEPu78XNFawM_AEPyeBnVI-qmemw&sai=AMfl-YQ1a8htvX3hJUw-uoA-cPpxeHK5QdJiwr44P5YphaGBgaLhzJHQMyDGhgzmEuXgPbQZZISKm_3xpFzjCNoQgWiKrLlfIRFGaqnYO-nmzZvmk-KRr8ID4ewcGOOcZnf7&sig=Cg0ArKJSzL2CmleAy6IjEAE&urlfix=1&adurl=https://www.cisco.com/c/en/us/products/security/security-outcomes-study.html?CCID=cc000160&DTID=pseggl000015&OID=rptsc023926

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/70629310/cookie-policy?an=no&s_ck=false&newmarkup=yes
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1625686652&utmhn=www.itworldcanada.com&utme=8(unknown*Author*Pub%20Date*Tags*Categories)9(unknown*Howard%20Solomon*12%2F04%2F2020*%22ransomware%22%2C%22security-strategies%22%2C*%22privacy-and-security%22%2C)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%20%7C%20IT%20World%20Canada%20News&utmhid=1479399287&utmr=-&utmp=%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&utmht=1607389477690&utmac=UA-2214941-1&utmcc=__utma%3D120853079.900002434.1607389478.1607389478.1607389478.1%3B%2B__utmz%3D120853079.1607389478.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1645703181&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652&slf_rd=1&random=4132953452

Request Chain 193

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

181 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 439150 Show response
www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/ 83 KB
23 KB 712ms
293ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: b4acd2867ac42d216d8dce2ca4fd8e8928f8b7f9419970e8772da7298a516af3

Request headers

Host: www.itworldcanada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:34 GMT
Server: Apache
Link: <https://www.itworldcanada.com/wp-json/>; rel="https://api.w.org/", <https://www.itworldcanada.com/wp-json/wp/v2/posts/439150>; rel="alternate"; type="application/json", <https://www.itworldcanada.com/?p=439150>; rel=shortlink
Set-Cookie: ukw=a%3A1%3A%7Bi%3A0%3Bi%3A1607389474%3B%7D; expires=Fri, 06-Dec-2030 01:04:34 GMT; Max-Age=315360000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Tue, 08 Dec 2020 02:04:34 GMT
Content-Length: 22388
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 347 B
463 B 72ms
21ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx/1.15.8 /
Resource Hash: 4f3e36248ba28189d00f60c7784ae5922d2d2fe31249ee5af56155e3c66685cb

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:36 GMT
content-encoding: br
last-modified: Thu, 03 Dec 2020 21:03:39 GMT
server: nginx/1.15.8
etag: "5fc952ab-c4"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 196
expires: Tue, 08 Dec 2020 04:04:36 GMT

GET
H/1.1 200
OK style.min.css
www.itworldcanada.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 297ms
106ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 22:27:01 GMT
Server: Apache
ETag: "d293-5af9dffdf3914-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7907
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK dashicons.min.css
www.itworldcanada.com/wp-includes/css/ 58 KB
35 KB 299ms
102ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dashicons.min.css?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 21:13:21 GMT
Server: Apache
ETag: "e681-5ad55970d811c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 35722
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK wp-ulike.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/ 16 KB
4 KB 302ms
102ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.4.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: a1c8898d33bf3f16912ed47c3129983b26d904bf43b2216072fdc549376057d7

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:18 GMT
Server: Apache
ETag: "411f-5b25cfad5900e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3207
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK wp-ulike-pro.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/ 74 KB
9 KB 304ms
104ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 97bc6d7d2e33122be7ffaaa19ec6d7a142c5f0e6a3ac7b861910757148498288

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:22 GMT
Server: Apache
ETag: "12784-5b25cfb1465fe-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9117
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK css-boot-min.css
www.itworldcanada.com/wp-content/themes/the-bootstrap/css/ 214 KB
36 KB 308ms
108ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 9d5c9598ba0e6185bb4dea9dadbe8fccd9c524bd992679e90bf993fe74560210

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Sep 2017 17:14:38 GMT
Server: Apache
ETag: "357f3-559012d92fb80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36492
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK style.css
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/ 41 KB
9 KB 311ms
107ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: c378ee06bbd464704602a25e250f382feda809683cd5c43963b1e6abf30caecb

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 19:27:47 GMT
Server: Apache
ETag: "a37f-57136f0e6ec75-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8813
Expires: Wed, 08 Dec 2021 01:04:34 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.itworldcanada.com/wp-includes/js/ 14 KB
5 KB 103ms
103ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 21:13:21 GMT
Server: Apache
ETag: "37a6-5ad5597108e5c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4671
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 core-7477c61df49044b49eabbd94edfbd933.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/ 610 KB
102 KB 30ms
26ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx/1.15.8 /
Resource Hash: df127da678d7ebec429bdf5bb1dd0f2f9ea307b5d7cc9a20e8829f0cfe1e7f9c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: br
last-modified: Thu, 03 Dec 2020 20:57:32 GMT
server: nginx/1.15.8
etag: "5fc9513c-195c9"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 103881
expires: Wed, 08 Dec 2021 01:04:37 GMT

GET
H/1.1 200
OK twitter-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 320 B
685 B 178ms
101ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/twitter-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 7f5048402ac1b8b949d2069ced9d69ebe5813abed5a544d1b487c8ba47273185

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Sat, 20 Apr 2019 17:49:24 GMT
Server: Apache
ETag: "140-586f9db20a63f"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 320
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK facebook-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 224 B
588 B 179ms
102ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/facebook-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 362eee23121468c42d8586373ce7d2f283984d019575d0e46c8af9aea64d8aec

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Sat, 20 Apr 2019 17:48:59 GMT
Server: Apache
ETag: "e0-586f9d9a2dbf7"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 224
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK linkedin-header.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 346 B
711 B 176ms
101ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/linkedin-header.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: d410a1e115fd1b1c3adc9db99cbee7a9bb0400af95a190e0e37f18615a244e41

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Sat, 20 Apr 2019 17:49:15 GMT
Server: Apache
ETag: "15a-586f9da93cf8f"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 346
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 9ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D8) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40D8)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK blockadblock.js Show response
www.itworldcanada.com/block/ 7 KB
2 KB 108ms
108ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/block/blockadblock.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5ec358949de628946007f95c47064a064b07271b39e4d26a6b0c27a17b3a0faa

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2016 22:23:13 GMT
Server: Apache
ETag: "1c13-52c9fa0d09640-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1961
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK 166.thumbnail.jpg
www.itworldcanada.com/wp-content/uploads/userphoto/ 4 KB
4 KB 176ms
100ms Image
image/jpeg 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/uploads/userphoto/166.thumbnail.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f10aeefb066161f38dadd2ed1267852072f9fc1c7a50971b8bf25d4bf8851d84

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Fri, 22 Jan 2016 15:25:46 GMT
Server: Apache
ETag: "fa1-529edd54af280"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4001
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK cccs.png
www.itworldcanada.com/client/ 98 KB
99 KB 104ms
102ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/client/cccs.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 52147fe45e34218aea3b90fc7c43c622ac32d1fc798016f4e2a371c6a36ccd59

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Fri, 28 Jun 2019 19:08:33 GMT
Server: Apache
ETag: "18904-58c670139304c"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 100612
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 social-twitter.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 28ms
7ms Image
image/png 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-twitter.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68ad5c98ff4e533be77307b324e6665b79f6d284975447165572ea1df524a29c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:15:14 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 2964
etag: "de128dbea01040e7ab9dab8b02d58a2d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1621
x-amz-cf-id: HnR8Vy5UPJLwUlLmbp8qWL0pjvh2zywRuopQsnc112IijDlRu8U78Q==

GET
H2 200 social-facebook.png
i.itworldcanada.com/uploads/ 1 KB
2 KB 16ms
8ms Image
image/png 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-facebook.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf4512e8a7ee4d972499eb80f3f2e02beef0d56236f6cbe339befb5d1671e3b1

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 09:29:02 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 56136
etag: "c8286a899fba97e71421080b44ccb8fe"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1437
x-amz-cf-id: ArAfWzBQc-n65m_KcqD539XDYS20m4naNnXJwGbWdyJEmtXXu2qk8A==

GET
H2 200 social-linkedin.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 7ms
6ms Image
image/png 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-linkedin.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9622281558f1979c053d598121153f63ca28439d6532e5a9241be4c3e1e8409

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:15:14 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 2964
etag: "a65742486a850f1342b903eb93b923fe"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1672
x-amz-cf-id: ur3YZ5xkD-CkwrNd80YuOoMyFjbXdEyP0yqHI53IkwOd4tVBCuXFFQ==

GET
H2 200 social-google.png
i.itworldcanada.com/uploads/ 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/uploads/social-google.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 709399bef8af81cbb6b283d0ac709a1cfe3579938cff3ca9f782da29f3a2f927

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 17:45:50 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 14:58:13 GMT
server: AmazonS3
age: 26328
etag: "caa9961deecbd083f26ad37267350fb7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1656
x-amz-cf-id: 7f4ox3ND7St1lpv-RXkLUbhkyf5YT6WDpFNqTLbKY0_yU2sqA9UUIA==

GET
H/1.1 200
OK swipebox.min.css
www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/ 4 KB
2 KB 102ms
102ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.4.4
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:13:24 GMT
Server: Apache
ETag: "10d4-5a64319847b74-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1221
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK comment_count.js Show response
www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
872 B 102ms
102ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Apr 2019 13:57:55 GMT
Server: Apache
ETag: "379-5862d74d28e47-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 440
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK comment_embed.js Show response
www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
937 B 101ms
100ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Apr 2019 13:57:55 GMT
Server: Apache
ETag: "47e-5862d74d28e47-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 505
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK jquery.js Show response
www.itworldcanada.com/wp-includes/js/jquery/ 95 KB
33 KB 109ms
105ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 23:50:39 GMT
Server: Apache
ETag: "17a69-58982a1f21bb4-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 33776
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK jquery-migrate-1.4.1-wp.js Show response
www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/ 24 KB
8 KB 107ms
103ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f1d749ec752d0bf5719ee501fd4c0fda01b71ed35ffc72dc72e1b07d87209544

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:02 GMT
Server: Apache
ETag: "5f74-5b25cf9df9f1e-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7943
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK wp-ulike.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/js/ 8 KB
3 KB 109ms
105ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.4.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f9ddba7253d1097099639398e08133ef6c647bef45df95bc6952274f6c64d15c

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:18 GMT
Server: Apache
ETag: "20ff-5b25cfad5caa6-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2141
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK wp-ulike-pro.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/ 6 KB
2 KB 106ms
102ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/wp-ulike-pro.min.js?ver=1.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 625d35a1428612400e5733f4bcffd02e6342038986110cd475c5b7b638643407

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 21:08:22 GMT
Server: Apache
ETag: "19f1-5b25cfb14cb8e-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2079
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
s3-us-west-2.amazonaws.com/itworldcanada/js/ 26 KB
27 KB 730ms
189ms Script
application/x-javascript 52.218.225.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/itworldcanada/js/bootstrap.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.225.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f8d1c73670970f54f0c7c9f2993ee14a3ef0e1319c91e5d38ea2e91fce572a9

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:39 GMT
Last-Modified: Tue, 21 Apr 2015 16:14:11 GMT
Server: AmazonS3
x-amz-request-id: 01CCE24F30DA93DC
ETag: "9e3fd459eb511a77c00372f43028ce08"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 26912
x-amz-id-2: YYXLUGefH+RAhEcZuVveECUfSWknXLK4ZkyD4Oq468/aw8TpRMj39Se9Cbysa8vM7EeaRAb3fAY=

GET
H/1.1 200
OK the-bootstrap.min.js Show response
s3-us-west-2.amazonaws.com/itworldcanada/js/ 499 B
902 B 743ms
194ms Script
application/x-javascript 52.218.225.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/itworldcanada/js/the-bootstrap.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.225.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5778b44cba918dfc38ab166b4d6befc29eeeb368e9d7cc1c80179e4919831b79

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:39 GMT
Last-Modified: Tue, 21 Apr 2015 16:14:19 GMT
Server: AmazonS3
x-amz-request-id: 631F84911FE66343
ETag: "e82ba71d4e06fd6f4ba763034589cf25"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 499
x-amz-id-2: zpOowZAq9O2+NrUGTPfF0tJjI08nFDDlDsc/JvPChQmCT2ZUyTv+m+YSB5wWJwZ3YwfFiJi18T0=

GET
H/1.1 200
OK wp-embed.min.js Show response
www.itworldcanada.com/wp-includes/js/ 1 KB
1 KB 107ms
103ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 22:10:21 GMT
Server: Apache
ETag: "59a-5a410a19e194a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 769
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK jquery.swipebox.min.js Show response
www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/ 13 KB
4 KB 107ms
104ms Script
application/x-javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.4.4
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 21:13:24 GMT
Server: Apache
ETag: "329f-5a64319848344-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3957
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357247
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 21:50:30 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a6e8db27bf98c3ccac74cb36c160b29145406c8ae2b16955f586cc354aa72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "717 / 502 of 1000 / last-modified: 1607382492"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18906
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H2 200 pubads_impl_2020120301.js Show response
securepubads.g.doubleclick.net/gpt/ 279 KB
99 KB 90ms
29ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 09:42:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100510
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 53 KB
21 KB 57ms
27ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 949
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2652
date: Tue, 08 Dec 2020 00:20:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 08 Dec 2020 02:20:25 GMT

GET
H/1.1 200
OK it-world-logo.png.webp
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 6 KB
7 KB 179ms
102ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/it-world-logo.png.webp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: bc5411929c57859f711fad44490fd37f77674b35daddc719f6cd938a34b93f4b

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:48 GMT
Server: Apache
ETag: "19c4-5871df20f9c6f"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6596
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK glyphicons-halflings.png
www.itworldcanada.com/wp-content/themes/the-bootstrap/img/ 9 KB
10 KB 177ms
101ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/img/glyphicons-halflings.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2bafb4e0acfda84da9c417009cca7bba8a132f69cb73911d0a3f95b50a41e7f6

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Mon, 22 Apr 2019 12:55:22 GMT
Server: Apache
ETag: "24b4-5871dfb38bbff"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9396
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 208 KB
26 KB 96ms
96ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4058487637895219&correlator=3970280996277932&output=ldjh&impl=fifs&eid=21068773%2C21068030%2C21066613%2C21066614&vrg=2020120301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201208&iu_parts=3034%2Cidg.ca.itwcepp&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C900x150%2C160x600%7C300x600%2C300x600%2C300x250%2C300x250%2C900x300%7C970x250%7C900x150%2C1x1&ists=1&prev_scp=pos%3Dleaderboardros%7Cpos%3Dskyscraperros%7Cpos%3Dsupersky%7Cpos%3Dbigboxros%7Cpos%3Dbigbox2ros%7Cpos%3Dfooter%7Cpos%3Dinter&cust_params=wpid%3D439150%26ptype%3Darticle%26c%3Dprivacy-and-security%26t%3Dransomware%252Csecurity-strategies&cookie_enabled=1&bc=31&abxe=1&lmt=1607389477&dt=1607389477549&dlt=1607389476624&idt=849&frm=20&biw=1600&bih=1200&oid=3&adxs=320%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=195%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4251014571%2C2764879362%2C1210744711%2C1640639909%2C823673414%2C3202507738%2C310270821&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150%23secondary&rumc=4058487637895219&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=960x95%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=960x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=2134019709.1607389478&ga_sid=1607389478&ga_hid=1479399287&fws=0%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e587a682432b3fe95491b8329c7951e30aeb0ea5a5aa5c6e5bfe56157170ee56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25988
x-xss-protection: 0
google-lineitem-id: 5521198753,5521200370,5521466762,5465557904,5465557904,5245547999,5553218549
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332673693,138332673789,138328112634,138322099687,138321716652,138305739125,138333209632
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK checkmark-like.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
823 B 104ms
102ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-like.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c

Request headers

Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Server: Apache
ETag: "48d-5b25cfb148d0e-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 448
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK checkmark-dislike.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
885 B 102ms
102ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-dislike.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439

Request headers

Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Content-Encoding: gzip
Server: Apache
ETag: "56c-5b25cfb1490f6-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 510
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 GettyImages-658560898-1-620x250.jpg
i.itworldcanada.com/wp-content/uploads/2017/10/ 47 KB
47 KB 9ms
8ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2017/10/GettyImages-658560898-1-620x250.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 937171bf8e13eb6101e88c58e044f3318125aae60d388d8e3787717650c0387e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 23:35:12 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 01:22:18 GMT
server: AmazonS3
age: 264566
etag: "bd77d7bd5ac88c4b02ffc0cc12750584"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 48006
x-amz-cf-id: mFlp6cx5ktOfHs-PpNcPdZd9_i6gZ_iN9guX3JGiVQ8KecP5B6AohQ==
expires: Fri, 22 May 2020 01:22:16 GMT

GET
H/1.1 200
OK glyphicons-halflings-white.png
www.itworldcanada.com/wp-content/themes/the-bootstrap/img/ 8 KB
8 KB 103ms
103ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/img/glyphicons-halflings-white.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2b4385df8034110da0ef5043307dce11777d5e8d86dfb92d56d207f94988bc57

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/the-bootstrap/css/css-boot-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Mon, 22 Apr 2019 12:55:21 GMT
Server: Apache
ETag: "1ed2-5871dfb2f74ff"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7890
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H/1.1 200
OK social-icons.png
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/universal/ 11 KB
11 KB 101ms
100ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/universal/social-icons.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 19716c9959a569a1b7abac4cf9feaf615c6458a70f9f7948a32355a52ca8c585

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:38 GMT
Server: Apache
ETag: "2aa4-5871df17a49df"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 10916
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2 200 CS_3000x1668-e1522241983325-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2018/03/ 10 KB
10 KB 8ms
7ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2018/03/CS_3000x1668-e1522241983325-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e2b459e13b4edcc9195d4170de930b7d9cb0395252b74b7d077cebe6e839bac

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 06:29:31 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 01:03:22 GMT
server: AmazonS3
age: 6633307
etag: "e3842db488f8cc09a454e36c98c24972"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 9980
x-amz-cf-id: dYfMDsenBztalh-Uf7s8erGQsptClwdLvx6B9oN6-qhYryT7sAZZRA==
expires: Fri, 22 May 2020 01:03:21 GMT

GET
H2 200 GettyImages-1183744751-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/10/ 10 KB
11 KB 8ms
7ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/10/GettyImages-1183744751-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44777ca59800589cd56c476fafe777c8715050535e9e5c7af8dce69a14d65cca

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 13:30:34 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 23 Oct 2020 11:57:41 GMT
server: AmazonS3
age: 387244
etag: "199259f269014062a5066c119ab8f496"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10425
x-amz-cf-id: __G1NCk1X_tHfClSBY3dyFnJPUyDW6--FoARgdsepbPNIr9z8aNPUw==
expires: Sat, 23 Oct 2021 11:57:38 GMT

GET
H2 200 GettyImages-1034671072-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/12/ 8 KB
8 KB 9ms
8ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/12/GettyImages-1034671072-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53ebaf3b8f10214fb9fe6ecfda2e63cea96eeaa22de76819e748ebb803d1cece

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 17:39:29 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 16:55:20 GMT
server: AmazonS3
age: 372309
etag: "17e53107a5f6af8a2c9e089403deb0a4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8055
x-amz-cf-id: b-BIuwPiBPbSAKNm53WMd6It-3vD2WxNdg5qvp2hYBoesjiiEKX_HQ==
expires: Fri, 03 Dec 2021 16:55:16 GMT

GET
H2 200 GettyImages-539475910-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2019/01/ 13 KB
13 KB 9ms
9ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2019/01/GettyImages-539475910-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40add3c2d9c5b4bb8c9d5b17d9c507344cb586e1ae825858345d20c4dc5fc4a2

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 08:57:29 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 00:24:36 GMT
server: AmazonS3
age: 576429
etag: "bda1afbd36bb4f04465c6c13c43de2e3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12956
x-amz-cf-id: 3U87igCx848PJoviAwI800Fy_MoiEBHEyhaSZEWauop9TQNXlPtcQQ==
expires: Fri, 22 May 2020 00:24:34 GMT

GET
H2 200 70629310.js Show response
www.iubenda.com/cookie-solution/confs/js/ 95 B
459 B 22ms
21ms Script
application/javascript 95.100.80.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iubenda.com/cookie-solution/confs/js/70629310.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.80.173 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-173.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 69f13734ed35abbf67d28cfe2429d046ff7a152d678bbef712892d022d41f4b0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
access-control-request-method: *
content-encoding: gzip
content-length: 93
last-modified: Mon, 09 Nov 2020 16:30:20 GMT
server: nginx
etag: "5fa96e9c-5f"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 09 Dec 2020 01:04:37 GMT

GET
H/1.1 200
OK footer-logo-itworld.png.webp
www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/ 5 KB
5 KB 112ms
104ms Image
image/webp 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/themes/itworld-dev-theme/img/footer-logo-itworld.png.webp
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f09dff45392cb4466fbc2a7891720f65f495b7a5eb2745feef43607f42eb0dad

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 08 Dec 2020 01:04:35 GMT
Last-Modified: Mon, 22 Apr 2019 12:52:43 GMT
Server: Apache
ETag: "1396-5871df1c7c9b7"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5014
Expires: Wed, 08 Dec 2021 01:04:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1625686652&utmhn=www.itworldcanada.com&utme=8(unknown*Author*Pub%20Date*Tags*Categories)9(unknown*Howard%20Solomon*12%2F04%2F202...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652&slf_rd=1&random=4132953452

42 B
107 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652&slf_rd=1&random=4132953452

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2214941-1&cid=900002434.1607389478&jid=1645703181&_v=5.7.2&z=1625686652&slf_rd=1&random=4132953452
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GettyImages-1049736506-e1606787131474-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2020/11/ 11 KB
11 KB 9ms
7ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2020/11/GettyImages-1049736506-e1606787131474-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54361f98333885ce45e91df597a9d4488b808568e2e8621d7870e6c1b5ca0a9e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 02:20:03 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 01:45:35 GMT
server: AmazonS3
age: 600275
etag: "871cb531ec5d2c40813b8ea53341e449"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 11056
x-amz-cf-id: sJhYUWNalcU2Edmq9hzaR9V0dbTlm9tXjtiRg3xxIPcLQMK1noMatg==
expires: Wed, 01 Dec 2021 01:45:32 GMT

GET
H2 200 FEATURE-Gavel-court-300x120.jpg
i.itworldcanada.com/wp-content/uploads/2014/08/ 7 KB
7 KB 10ms
8ms Image
image/jpeg 2600:9000:206f:1400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2014/08/FEATURE-Gavel-court-300x120.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8df44b1e4f8ad283e77835a377d6dd6073a08e92297a69690a641968177f01b

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 16:40:36 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 02:25:16 GMT
server: AmazonS3
age: 894241
etag: "6ffe6c2f01909302085825fd88f48855"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6832
x-amz-cf-id: Iimw1Kq8vocj07jWK5_8-UkJy7xws1_7bT88CPdAVq877lxEiIKeGw==
expires: Fri, 22 May 2020 02:25:15 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FE1 0
0 31ms
31ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_mnkXI2MGCYL9uY5Vr6dNpX6zq4xfhPOZkm1uUf5IYDhj6KmhGsCYgdWVfles7KcGK4xBMHLPTsYjhB7GIxXZ6EDDUdDtY1CeTa6soU71KOBjZaajeuf5Ekhre1-iv5vVQbVMKqg3M_uoGflFQG5TTiaCdDpFdsSRpXkUuIfqnVtVXOxH9oQA15dV2qD2ybMaSirS6C6YcHi0KFfoeiZPHIUSe13vJnxvNZnci-CwZiifgYgM1tJ5YNphAf59Qv9gOrwJliBSaw&sai=AMfl-YRIsNJvqKacajLX9Sojz4BoyZsfCe1_0JwOmDQpk6d8FdrSAdA-TJ5uWJCVo62qC4XhFqh5LoRUTgWjVydLoCck0ngIQIlLCxe5aOC7M2JJ6LqvBRmrwhlrElqLn6fq&sig=Cg0ArKJSzGHg7ENIgKb_EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 9FE1 18 KB
8 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 9FE1 3 KB
2 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FE1 76 KB
29 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 200 3830597088180899695
tpc.googlesyndication.com/simgad/ Frame 9FE1 201 KB
201 KB 30ms
15ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3830597088180899695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64cefb8cbdf6280b9ba39b0a073d86bba4d2770e9c0d6ff1839e62232a56262a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 09:28:14 GMT
x-content-type-options: nosniff
age: 488183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205638
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 20:30:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 09:28:14 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H/1.1 200
OK count.js Show response
itworldcanada.disqus.com/ 1 KB
2 KB 69ms
21ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itworldcanada.disqus.com/count.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2171977
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 10 Nov 2020 20:21:10 GMT
Server: nginx
ETag: "5faaf636-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: EE5o3Mqou4wwu-WGJXyjKPgESqmhylWa5ujMwcwbFrRaqCqiwn1iXQ==

GET
H/1.1 200
OK embed.js Show response
itworldcanada.disqus.com/ 70 KB
23 KB 69ms
22ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://itworldcanada.disqus.com/embed.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7bc5bd90530faeb37a831e70db163ac7877ba4c8bea8d0bfba71398eaccf9acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:37 GMT
Content-Encoding: gzip
Server: openresty
Age: 18
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23287

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EEC 0
0 32ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_kBcoh4Nx19umBpHRacmKZvWr1kWJVyavcmPV_yHoXxhn9YwAWHRyXcKAG0rpEoFbD6yasy4FrIz08lMKUHDm7msw9lSYfJ8olTLK4IiI6VHDXBzlDay_OaU2Hnno-OqD-aQEM0yvH2VT0bbNw81zO0BEYHyaZM14cZmQBscatkuiNmvH9jxaF8lBJfcL9tk71i5mXOIgDJDC_kA3B0TV6rOXi0ilOrE9wBFP53rQabtumtKt1jmcHf3cT2im0-cx8XzvE-POEg&sai=AMfl-YQtHMxtEuXj3aROnYVvZ0fJOwR8S2GWeHdb74LOAdjxwKN3o0eK0hbzLk9O63wHVMssUmIPTivBjdlYL7eNweDHV0I9zfomsd08FQ468-LTIDjXaOhf0vcQPT2fo2YE&sig=Cg0ArKJSzPUS-a1N7TGSEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 6EEC 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 6EEC 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EEC 76 KB
29 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6EEC 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjFmM238evsDeqBb87U1L1ISWVhSJHT6g5uA_EDabG2fRrt8mP1DdPPXxE3Tw7p__NOvmZ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4412471274773718807
tpc.googlesyndication.com/simgad/ Frame 6EEC 239 KB
239 KB 93ms
92ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4412471274773718807

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e95dfe248505d962c27196c6fb1a8402536aa980bde0eee596dad9d477d4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 20:31:06 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244299
x-xss-protection: 0
expires: Wed, 08 Dec 2021 01:04:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 513D 0
0 32ms
31ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteeq46cbVXIOEzdkaYgapEywC0jYRq6hViZAoF6FfwHGGXwG4VywHg4jkQnT_yqWwgJuzD3kNb0PIBDcoqq5HdqCq0xmXTSqhDKohPYek4CinnBtIzocc5_fw95OukpNgd38fTCPF0k6BzCoYrwAP9o8eaYPwMK0y9sSV8Y1dPK4DMzR-xvNfW4fDD1DMGR_5ifaZ9rhGjzdVZ7pGKmNkPxYVyCMl9lfsNGRrngWEOuGYwhBh7sGG0v4SXAor2QJSAM9hqIQttfA&sai=AMfl-YT75gY5kGJPqE8zl8ru9meMPzby4YuX8wCqH2OFvu_y5mGWVlDInHk3UrYVc3QhMauiYCIdfx8vZCp2oJ00_tXmOPGgm4AV3BUq1Lep_FNALYHC8d8nmM3JbpE-HhzB&sig=Cg0ArKJSzBlU_mOFtSlHEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 513D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 513D 3 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 513D 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 200 4599635683481586408
tpc.googlesyndication.com/simgad/ Frame 513D 161 KB
161 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4599635683481586408

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0130e4e1051708bb0d8aec1ebdb904334d35180cb2f6f7da306b10b423feec19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 03:43:11 GMT
x-content-type-options: nosniff
age: 336086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164636
x-xss-protection: 0
last-modified: Tue, 27 Oct 2020 16:37:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Dec 2021 03:43:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB29 0
0 33ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7f6CASzQc36gxnxoqt0yz5KYGCaT8Ld4VtSFLWgiZHUaf33qxOke_YbgDxljeh6RfRpK0-EUzfxEKdLDSo2CKpqkuDbnj9f0pov9G3bpdVZEddQLR8pxo4IrVFkPJnqG6LmyUq6h4fvhzG984u-7Uq8kkOKRJworRcss0K9eTXEWbuw3Gj6WPSAiGo_iKBKZ4tqEXQi10QQrVKCLAM-xgLHF1yRfCelmAojyLH7uEZWmqs2CDTfhRi6Q2d4N4XoA9VBOKDez9Yw&sai=AMfl-YScuM4v2lEOOVvJvM1aY9zYDfM5hzvnyhJXrfoF2o5HpZ0is3xIF4_m1HsckL9iqBNsTVgoxTyWVj1ZeU_oXqZkB_Va_8kLVlUuN2QyI4XJzE2ud9thhqnTpXPTKtwY&sig=Cg0ArKJSzLdHNiBSipg7EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame CB29 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame CB29 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB29 76 KB
29 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame CB29 0
0 43ms
21ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3H0mEaZ9GYRZX5HLY986OCzJVu3u726W8ZX5X1FVY7PJMEFNGzYsitejC54gOsW2fFsgE
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 13244100950558584864
tpc.googlesyndication.com/simgad/ Frame CB29 82 KB
82 KB 14ms
13ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13244100950558584864

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27fd72064f1da6a5ce24630f51640e4e48a87a0acebd9c8b6d046d86f9f24c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 07:35:33 GMT
x-content-type-options: nosniff
age: 494944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84029
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:35:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 07:35:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6283 0
0 42ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9y0TCnnr3c2ttOkHyedGG6He_397Cnu2qUbR-q5IT0KMB1RhHTQel-Zxojo6sH9GgDGS2Q_Z4tb28ODNmCIx42w_PQWzSNzoFHuKrqdrLjCgiFlCDt7t9fH6LhoPa7qoHddpdzVBxpTseU_GFsgvwftg7IaHjZn7kaJq64s8vQl19gAaok6kxGFORXNb3aPS6oyg0D2JudMuBnA7wJhxnF47f9LtdB64E_etleKMG-XyrEkFE5xGt3HsZ_5ieR3t8jnXKZOhOBA&sai=AMfl-YTwUqjgwn8Yx-VttUHfUbQc6cTx_tInuf9XP6S8J-nUyu2JZnE5Pm1lF85-tunnuMNMXcNJMA9uMfyZ3zZmpKoxYwe5ysv6Z0BlccFnEoq0EfKTvlic93bKrdNhus4r&sig=Cg0ArKJSzKkDJhaVlsEPEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 6283 18 KB
7 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 6283 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6283 76 KB
29 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6283 0
0 44ms
20ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQbhVoBFwKg3PCAB1uGf1aEKQqN9oDQN536QW_dLKoj72Ue2dx67tDdxM4wUn83JIeDZel
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 11762517898652782915
tpc.googlesyndication.com/simgad/ Frame 6283 65 KB
65 KB 22ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11762517898652782915

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d25c8c31f3339bb96ca8a6ebdc9a57dac681b2cfac5f3ed2472787e85866c87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:25:49 GMT
x-content-type-options: nosniff
age: 16728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66494
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:34:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 20:25:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C4AE 0
0 37ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGX5Czx4Ig28cach3O63XqOHResr2RI2TxuynAGaIxqvyyA9Lb2Wi_e882jkWP3cfG-1aXU2bIXVa7jHMrdwi_uDGaRGj49U5kbdIkeeKmsx9UvhqRE5xxHfJAisantMwo3RmiMvinDbO5IwOBS6FT1Tzmkdb5n4Kc16rp6lK3t2uXqhknxdic4SHkQfA1fOQn8-CO85i9gnY8lKZzlGXYcA6RvfXIeuiSj1V_uRkV-1VLo3tqzKkq6bltahiGm-5eSFdxUwNkKw&sai=AMfl-YRksBoM01IGjA0MscJpJeovRoqBtaHeUexoCboqaZhJnnA4wmFFxx-XnZyu8XrvC72kA9uYLEPMWE9pDCjggHuqwntsugM7mIgSAOiZ4zH6mg5ImXNiltj1urk4hqfm&sig=Cg0ArKJSzLhTAg7luLBnEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame C4AE 18 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:21:45 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame C4AE 3 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4AE 76 KB
29 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C4AE 0
0 38ms
21ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSc0MtbHlmG7eANvKQLSc5uZtIG8Cq1wOrwbJHJarfUHLizDPuDi_7vKHYgt9_jm7z8Pzkg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 6800834552302256798
tpc.googlesyndication.com/simgad/ Frame C4AE 139 KB
139 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6800834552302256798

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e97d7ed6678e4f92cb4285db854f0f3812aa440cb71b4f39a07113aa83058a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 16:55:34 GMT
x-content-type-options: nosniff
age: 202143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142231
x-xss-protection: 0
last-modified: Mon, 09 Mar 2020 14:44:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Dec 2021 16:55:34 GMT

GET
DATA 200
OK truncated
/ Frame 6AB1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6f6fb23b04471654e797f823a381300bb8354782187b121a30b644097a790e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 2388702041837970548
tpc.googlesyndication.com/simgad/ 119 KB
120 KB 17ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2388702041837970548?

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c8ca65b736d8366b5e2557ea7a55022d9284c493875dd9fd08b7e8423ee0282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 21:23:07 GMT
x-content-type-options: nosniff
age: 445290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122342
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 18:06:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 21:23:07 GMT

GET
H3-Q050 200 view%3Fxai%3DAKAOjsvj1eWbO24isVz1DvUZPrgRdpjLbjNgsXqsvltqscfa25LhJ4fzfEkhy6HujGaAmERRrg6y4JHlmS1GcYTf-4FbAIDxQx0g18909mjQLHxr2DHPZAIhEOITOy4xji2bhlnVLq7iUTmSjmpKoEzWRMmv7EH3T5-Zd-XXhsv1wLrunsjRIeLr...
securepubads.g.doubleclick.net/pcs/ 0
22 B 42ms
32ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvj1eWbO24isVz1DvUZPrgRdpjLbjNgsXqsvltqscfa25LhJ4fzfEkhy6HujGaAmERRrg6y4JHlmS1GcYTf-4FbAIDxQx0g18909mjQLHxr2DHPZAIhEOITOy4xji2bhlnVLq7iUTmSjmpKoEzWRMmv7EH3T5-Zd-XXhsv1wLrunsjRIeLrQSdVutZS_bQM1JkEWl5dm7dTHDr2lOd128_nIoSKcrKLxz7IS-uqFOewIpSul2XVBSI84tskU75_1UjrYLEVDA1ZNFgtIGk%26sai%3DAMfl-YRnmYZDEAg8c6u2XWE_RZzsAaRs9P6NsTIwMWMfKuKNa08iKjH512htALd2AXfwkuvnwKDUcBICSez77Esh8v7Zw_fUwlpQKVXVkEPJ8w08mM_Z61yh103OY6zW5Bb_%26sig%3DCg0ArKJSzPVrYI1jcJP8EAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FE1 0
22 B 32ms
32ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3cB4VerdKmyYAgjI6ZOkOTXjDvT5WrBiyEJVAstJKBWeVQw1gT5o6fuIdeG04BXVGwpB4J9HgEf0NqQN5ep3OHqi6dcDRR8lKmLcATQ4u9EQI6utFMlG8nIwhSdMLXo-jmKoUSw5hIS1CZwEd-AwICnLzvxZWX6LGctbKw-Pdp38x6IwaUrxmyhJE16iUZm6bmn_BWyoxKF2KDPcrfTrfKRUamVeb-sJlmNpKPAFfH7wnqPumxl5ZFGePZZ_EWKF_lvAzIfz1M5YJ&sai=AMfl-YT3eQKpEPCqFVqPavjn3L_uZTOsF2bFH1HFOJSUlhg9ZTwmCm4B05b5pqIrmIcXZV-eTWbekhfJVRU_zqB1PDkWZobdoqvVr_yYIWmIKmEalOSark6T3wPM91ix-h7w&sig=Cg0ArKJSzHzjEPMpHva9EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9FE1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7d667bec0fa72fd6ff7f349a2915f3c1e7d4acfab2a8630db3857c4f46bd323

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6AB1 53 KB
20 KB 21ms
21ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 949
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
DATA 200
OK truncated
/ Frame 6EEC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f435abe2604c557329c7e76902801a0ae943edf6be11fed8c5550f13ed6e07e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 513D 0
22 B 41ms
40ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJzWaz_Mnw-CbpIsN4_uG7VY1i_hEYmG2CMxZwUJHkL_ARvFQwoNawYcVnKi71PhaJ7t5LdFfELztnnzqKboELkL_oNUWRhd7iqUC4dTu-3xJLCCUqJ6ARfdQKVRKsC1qYhGjDbF7PRugfaelOrJNdSXSGdCe8_NUGlGt2OYibEG3yMIdSFOcEm7tFIyphbbDrZlgRocQJ4dZo5p-X8feHJnGm6m75Mi98JnRHAVbKjhoRarhhlEG1xm__PX_DcVaelqbEcH7MV1hD&sai=AMfl-YRYRyUY9UKqjxBBavAkCiX3C8zl_puNZZ0cVsAyraZxoJnrV3xEAzRlw_J8KTY4TON7zfQdUwcw14peiqjz4ZnkBv7YrpDAKikiebzG8mlbKAwJKdsrvOeHNXB6mATa&sig=Cg0ArKJSzADi1XMnLjm8EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 513D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af1b24ca9cc3d0edc1489512fefc29a3c3b9a69d59a81ae2b04b167473635463

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB29 0
22 B 37ms
37ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwseJf7zt-BfgGZQ8XdvdT85lMZ5r6AhV66a918tWM_ofB6YCzorD6UtJPnvjs1iHwKIoiWWd9ICCZ49xATaGbKjVl9NQXP-UNMTCe_tQ63aht4cTO4r0bYeSfcjMOrVZEYLL45KJ24x7FMGqjwZF8tg13xNiCDU5TNCAQN5tFOBB2G8DqlGEvBoQJPsoNKBssPLIXTykxoHJF2q-mqYVPTk0EG05h58rNwIW0cVHpVOAZNwq6Zhzikd2LR0W6TS7YkIQNDFdtX2bD&sai=AMfl-YQNDKcvyBVRBQdBunAV5YQcovKI3AQBQCEZB3260rKqwAFQIShkCclHl0mHNuG_JGFkS9byPGymwSJAlHB8nBVfehjXfknYCufTZC5k8IHV_xBCPkV27XUQGVC_oUbk&sig=Cg0ArKJSzAI7W8JV7A0-EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB29 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95957960cbd935566a373d81a5e8ba5a27b3bb6ec324682887dc73860c229f02

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6283 0
22 B 31ms
31ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvkb5DEUTtRkE_PHxMYKI2JtV5Jimxjc3x4_9VwnCpcrnqAtaTsCTH3Cr0XEwJEm9ILtLmfDr6_hOeUpdZDHo0JF3-r2owlRjDFewZnSyEiZYMtPqPpaP0-HXs0nIkQC6BkjF3DYPqxsMjKKgy22h90pMAK444ni-Iw6DEAfo4jPtMh4BXPBDCpvkLreRQE7-s92jBmgzICJ-AUzm7YpeWrVOfPK5uw23l1qEAwsOHfFIuXkEKPIHkOK8T9OfdJURdmUOcM-wTYl6Q&sai=AMfl-YRQscIHk0iRyiikh_KB0Xp_8Eh9B1guPwrA7syL0VYZxqx72ROScVe8DInl4sZU8SKRPnZ7rMshKpDWT-ServLnUe3n23yyHhuf_B5ig0m-MooI1PgLx-FX4uRURoP9&sig=Cg0ArKJSzHVgTVDAfFU-EAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6283 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b750ae14cb51a12c4975ceb7bda24d0a97872f67c8458a3dfc894b24701c97d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C4AE 0
22 B 30ms
30ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswbPhan1SvS8hYnxNDgGcAlmua1XVIZ_kJWLXp9nHxiK8DyfvHHt_0M7vJ8H10fsgFZfX8s9rfxVsNaaf-wewmTFQVGR2cmKYGKGBw1sQwmlN0xJ7MDvU4nMrob0CVYNXP1B7egEJVkQXUPw6Vosqk9VQ457uZBfpBKC456BIafpaZC4as_l5C3Q4ka4KZyj-yVrt0wXgMZPfjzFV2e425WoZ_6WnW_viy7bEt7SPWopX6fkZ1YhygaPqJotasZgLJFCjjZmKTNZ0f&sai=AMfl-YSEzAJHYlMl19KBnM8Ro0VwNzddB7GQZ-hz7izYBnnDWr639GrFH2-AsWmCFef75CRIht1KtB5opyRyK4xvSJ0V5agLv0dexqCXqsHDZK_xFBbogqYmc16lpbn1nWU8&sig=Cg0ArKJSzEMFspHWg3YuEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4AE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007b02fc04f56cc79fbceb5b51bef20af4f87484855f1e1323bdedd27b687817

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 31ms
14ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1565048
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06e17a1457000005bf81800000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fe292cd5ee405bf-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 31ms
15ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 609687
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06e17a1459000005bfa90f8000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fe292cd5ee705bf-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 37ms
21ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1488851
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06e17a1457000005bf990b1000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fe292cd5ee905bf-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 53ms
15ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:38 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
404 B 24ms
23ms XHR
text/plain 46.101.133.82
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-7477c61df49044b49eabbd94edfbd933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.133.82 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://www.itworldcanada.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 5810f229-38f1-11eb-843a-0242ac110003
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: 5810f229-38f1-11eb-843a-0242ac110003

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 89ms
35ms Other
text/plain 46.101.133.82
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Server: 46.101.133.82 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://www.itworldcanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 08 Dec 2020 01:04:38 GMT
access-control-allow-origin: https://www.itworldcanada.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9FE1 53 KB
20 KB 21ms
21ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EEC 0
45 B 32ms
31ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpf_v039ECDsHZjrF3y3V9sYFTtCwe33gvv_kAplTZTwHFFgmzS88FNTgSjYI1Nrj8w8B-ghE5vmift-ZeRzxJghkxARLjXQ9pkw7fpQU4JTOHoJvMZ-feVkvqzqFhH6XchKCMhB7Y52TvmE2YlHOsul8a-_TSApWGlYYwbxbisX-HyG7ZFd0vYGPZ1_6C4U4sWSXOBCUDdS_pqiCz2NhCizS6VIRO0u-B0bic2sMclbh3BFQWCim9rmLhT5lpMbAxM2VynxhAIkCt&sai=AMfl-YSNGv3I8alFg6FLgUuCXTIC3hQxMdvVhbV2vZjfYqfQrZ899esgCDU8DVIoxmt3anSNeUC22TqWHHZiJVu8LD20gIevJ0xgEOLdm0sd2LTSNMKJSAKNn6872b0PdXLZ&sig=Cg0ArKJSzKcK9vjO5r9TEAE&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6AB1 0
45 B 376ms
132ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6yxy&chm=1&c=4058487637895219&ctx=2&qqid=COCmz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.3~ol.5~idt.gu~dt.-6r&met.1=1.kifa6ysg~14.0~15.0~16.0~17.0~18.0~19.0~20.5~21.5~22.1v~23.1v&met.7=CCgQChgBIEcoRzBeOBhoSHBceKajAYABi6MBiAH1pgOwAQG4AQM&met.3=113.5j_2~112.5j_3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 513D 53 KB
20 KB 21ms
21ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CB29 53 KB
20 KB 21ms
20ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6283 53 KB
20 KB 21ms
20ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C4AE 53 KB
20 KB 22ms
22ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9FE1 0
45 B 357ms
134ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6yyr&chm=1&c=4058487637895219&ctx=2&qqid=CNqmz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.3y~ol.7m~idt.j9~dt.-4c&met.3=197.3r~298.3u~123.3a_n~118.5b~118.5c~118.6d~118.6e~117.7m~143.7r_1~118.7w_1~118.7w~118.82~118.8f~113.8q_2~112.8q_3&met.1=1.kifa6yq1~14.0~15.0~16.0~17.0~18.0~19.0~20.7m~21.7m~22.1f~23.1f&met.7=CCIQBBgBIAQoBDAEaARwI3iZArABAbgBAw~CBwQChgBIAUoBTAiOB1ABUgGUAZYIGAGaBRwIXi0PoABuzqIAZuRAbABAbgBAw~CBwQChgBIAUoBTAiOB1oFHAieLgMgAHWC4gBshiwAQG4AQM~CCoQChgBIAUoBTAtOCg~CBcQBhgBIAUoBTAzOC5oFHAjeOzHDIABxsYMiAHGxgywAQG4AQM~CCIQBhgBII0BKI0BMK4BOCFojgFwrgF4FrABAbgBAw~CCgQChgBIKACKKACMLgCOBdooQJwtgJ4qqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 513D 0
54 B 322ms
133ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6yz7&chm=1&c=4058487637895219&ctx=2&qqid=CNymz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.43~ol.6a~idt.hh~dt.-64&met.3=197.40~298.41~123.40_2~118.4l~118.5i~118.61~118.62~117.6a~118.6j~118.6n~143.6u_1~118.6v~113.7d_1~112.7d_1&met.1=1.kifa6yrt~14.1~15.1~16.1~17.1~18.1~19.1~20.6a~21.6a~22.3x~23.3x&met.7=CCIQBBgBIAMoAzADaANwI3gWsAEBuAED~CBwQChgBIAMoAzAKOAdoBHAKeNc6gAG7OogBm5EBsAEBuAED~CBwQChgBIAQoBDALOAdoBXAKePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAQoBDAYOBQ~CBcQBhgBIAQoBDAZOBVoBnAQeJCHCoABnIYKiAGchgqwAQG4AQM~CCIQBhgBIJIBKJIBMLwBOCpokwFwuwF4FrABAbgBAw~CCgQChgBIOsBKOsBMIYCOBto7AFwgQJ4pqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6EEC 53 KB
20 KB 21ms
21ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20875
x-xss-protection: 0
server: cafe
etag: 6584356153132086148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 01:48:48 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 0A06 0
0 146ms
146ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=itworldcanada&t_i=439150%20https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2F%2F439150&t_u=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&t_e=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&t_d=%0A%0ARansomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released%09&t_t=Ransomware%20update%3A%20Documents%20from%20Calgary%20energy%20firm%20released&s_o=default

Requested by

Host: itworldcanada.disqus.com
URL: https://itworldcanada.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Connection: keep-alive
Content-Length: 2759
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 04 Dec 2020 23:33:23 GMT
ETag: W/"lounge:view:8301440192.8e13e3cc2a377b8f527aa2497470e770.2"
Content-Encoding: gzip
Date: Tue, 08 Dec 2020 01:04:38 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H2 204 csi
csi.gstatic.com/ Frame CB29 0
322 B 309ms
132ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6z00&chm=1&c=4058487637895219&ctx=2&qqid=CN2mz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.42~ol.66~idt.hc~dt.-69&met.3=197.40~298.41~123.40_2~118.4h~118.5h~118.5x~118.5x~117.65~118.6e~118.6i~143.6y_1~118.6z~113.82_1~112.82_1&met.1=1.kifa6yry~14.0~15.0~16.0~17.0~18.0~19.0~20.66~21.66~22.3s~23.3s&met.7=CCIQBBgBIAMoAzADaANwJHgWsAEBuAED~CBwQChgBIAMoAzAPOAxoBHANeNc6gAG7OogBm5EBsAEBuAED~CBwQChgBIAQoBDASOA5oBHARePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAQoBDAWOBM~CBsQBhgBIAQoBDA4ODQ~CBcQBhgBIAQoBDAXOBNoBXASeKeRBYABvZAFiAG9kAWwAQG4AQM~CCIQBhgBIJIBKJIBMLgBOCZokgFwuAF4FrABAbgBAw~CCgQChgBIOgBKOgBMJ4CODZo6AFw_AF4pqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6283 0
45 B 303ms
133ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6z07&chm=1&c=4058487637895219&ctx=2&qqid=CN6mz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.45~ol.61~idt.h7~dt.-6e&met.3=197.42~298.43~123.42_2~118.4c~118.5i~118.5s~118.5t~117.61~118.6a~118.6d~143.6w_1~118.6x~113.84_1~112.83_2&met.1=1.kifa6ys3~14.1~15.0~16.1~17.1~18.1~19.1~20.61~21.61~22.3n~23.3n&met.7=CCIQBBgBIAMoAzADaA1wLXgWsAEBuAED~CBwQChgBIAMoAzASOA9oCHAQeNc6gAG7OogBm5EBsAEBuAED~CBwQChgBIAQoBDATOA9oCXAQePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAQoBDAcOBk~CBsQBhgBIAQoBDAyOC4~CBcQBhgBIAQoBDAeOBpoFHAbeKeIBIABvocEiAG-hwSwAQG4AQM~CCIQBhgBIJQBKJQBMLQBOCBolQFwswF4FrABAbgBAw~CCgQChgBIOMBKOMBMJgCODRo4wFw-AF4pqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C4AE 0
45 B 303ms
133ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6z0a&chm=1&c=4058487637895219&ctx=2&qqid=CN-mz7aYve0CFQmndwod2-EH8g&met.4=fb.4~lb.44~ol.5w~idt.h1~dt.-6k&met.3=197.42~298.43~123.41_2~118.47~118.5e~118.5o~118.5o~117.5w~118.65~118.68~143.6w_1~118.6x~113.81_1~112.81_1&met.1=1.kifa6ys9~14.0~15.0~16.0~17.0~18.0~19.0~20.5w~21.5w~22.3i~23.3i&met.7=CCIQBBgBIAQoBDAEaApwKngWsAEBuAED~CBwQChgBIAUoBTATOA5oCXAReNc6gAG7OogBm5EBsAEBuAED~CBwQChgBIAUoBTATOA5oCXARePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAYoBjAaOBQ~CBsQBhgBIAYoBjAtOCc~CBcQBhgBIAYoBjAdOBdoFXAceIDYCIABl9cIiAGX1wiwAQG4AQM~CCIQBhgBIJMBKJMBMLIBOB9olAFwsgF4FrABAbgBAw~CCgQChgBIN4BKN4BMJMCODRo3wFw9QF4pqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame 6EEC 0
318 B 392ms
127ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6z0s&chm=1&c=4058487637895219&ctx=2&qqid=CNumz7aYve0CFQmndwod2-EH8g&met.4=fb.2~lb.43~ol.8b~idt.hm~dt.-5z&met.3=197.42~123.40_2~118.4q~118.4q~118.64~118.65~298.6h~116.6h_1~118.6q~118.6s~117.8b~116.8b~118.8d~113.94_1~112.93_1&met.1=1.kifa6yro~14.0~15.0~16.1~17.1~18.1~19.1~20.8b~21.8b~22.57~23.57&met.7=CCIQBBgBIAMoAzADaANwI3gWsAEBuAED~CBwQChgBIAMoAzALOAdoBHAKeNc6gAG7OogBm5EBsAEBuAED~CBwQChgBIAQoBDALOAhoBXALePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAQoBDAZOBU~CBsQBhgBIAQoBDASOA4~CBcQBhgBIAQoBDB8OHhoBXBheK_1DoABy_QOiAHL9A6wAQG4AQM~CCIQBhgBIOoBKOoBMKcCOD1o7AFwiwJ4LbABAbgBAw~CCgQChgBIK4CKK4CMMQCOBZorwJwwwJ4pqMBgAGLowGIAfWmA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cube.js Show response
bb.itwc.ca/js/ 9 KB
9 KB 403ms
98ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/js/cube.js
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:21 GMT
Last-Modified: Thu, 30 May 2019 19:45:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "240f-58a2024af034e"
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9231

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame D2E5 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.itworldcanada.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1148464
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Dec 2020 01:04:38 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK moment~timeline~tweet.ae149926685a43cb146e35371430188e.js Show response
platform.twitter.com/js/ 23 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash: a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:52 GMT
Server: ECS (fcn/418E)
Age: 1148466
Etag: "e124818066aeec3e87b656a0a1df57e4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7650

GET
H/1.1 200
OK timeline.687eed636a16648c9f0b1f72d7fa68bd.js Show response
platform.twitter.com/js/ 21 KB
7 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.687eed636a16648c9f0b1f72d7fa68bd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:52 GMT
Server: ECS (fcn/40E6)
Age: 1148453
Etag: "4802138c5d5b0d168458837da333276e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6648

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 177 KB
13 KB 19ms
19ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_itworldca_old&dnt=false&domain=www.itworldcanada.com&lang=en&screen_name=itworldca&suppress_response_codes=true&t=1785988&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D5A) /

Resource Hash

1cbdc0b15434f8b7f725e35120afddc941835780a24eb713889837af8946b232

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 13312
x-xss-protection: 0
x-response-time: 170
last-modified: Tue, 08 Dec 2020 01:00:52 GMT
server: ECS (lcy/1D5A)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Tue, 08 Dec 2020 01:09:38 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 41dc49e793ea22094d4cfadfe5c06849
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 00d695d200ae8a54
access-contol-allow-origin: platform.twitter.com

GET
H2 200 iz1ybA8C
pbs.twimg.com/card_img/1335936583334318080/ Frame 6607 6 KB
6 KB 35ms
17ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335936583334318080/iz1ybA8C?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

9d261f76de2248c76f152511e022260bfd959163213ec1b20669fa6671148e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5800
x-response-time: 28
last-modified: Mon, 07 Dec 2020 13:15:56 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12e178cc22f92f2bbe613760d3f60498
akamai-request-bc: [a=2.20.189.157,b=171827278,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 1f4c6.png
abs.twimg.com/emoji/v2/72x72/ Frame 6607 846 B
963 B 32ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4c6.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F96) /

Resource Hash

91335a026fc4334c5bc86581833e56f2cb0d31a2984e83583236f4a9772f03e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
age: 13782844
x-ton-expected-size: 846
x-cache: HIT
content-length: 846
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8F96)
etag: "tEF4hiKE3VypG3c4OgBjjQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fc8dbe02a632f3ec028d9a5c843164b8
accept-ranges: bytes
expires: Wed, 08 Dec 2021 01:04:38 GMT

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame 6607 5 KB
5 KB 30ms
13ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4837
x-response-time: 30
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5a57646b61a010608c0d9656c1ed14cc
akamai-request-bc: [a=2.20.189.157,b=171827281,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame 6607 4 KB
4 KB 28ms
11ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 3649
x-response-time: 29
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0102f11aa12250a0607f91c821cdc3c4
akamai-request-bc: [a=2.20.189.157,b=171827285,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 1f449.png
abs.twimg.com/emoji/v2/72x72/ Frame 6607 423 B
737 B 29ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f449.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB1) /

Resource Hash

9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
age: 10132755
x-ton-expected-size: 423
x-cache: HIT
content-length: 423
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FB1)
etag: "LFXrh3o/sfOGHVbERP/uFQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6f0e48e5eb99b612b9c73708adfaf2ac
accept-ranges: bytes
expires: Wed, 08 Dec 2021 01:04:38 GMT

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame 6607 6 KB
6 KB 27ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5813
x-response-time: 30
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d3e1ebd0cc22d2ba04086de702f7256
akamai-request-bc: [a=2.20.189.157,b=171827284,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 8oPHVc2h
pbs.twimg.com/card_img/1336014546478059520/ Frame 6607 8 KB
9 KB 53ms
36ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1336014546478059520/8oPHVc2h?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

977ca6b7906a4d16c6666805396b2163aaddeb6bec49cda925f20b8dec1b56d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 8296
x-response-time: 32
last-modified: Mon, 07 Dec 2020 18:25:44 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b32dbc0df8e7e1addbef9adb09a98d9a
akamai-request-bc: [a=2.20.189.157,b=171827292,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 AJBapCmX
pbs.twimg.com/card_img/1333886245894717442/ Frame 6607 9 KB
9 KB 30ms
13ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333886245894717442/AJBapCmX?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 9221
x-response-time: 33
last-modified: Tue, 01 Dec 2020 21:28:38 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b49579200da1ee8b8dfaa21d7b2c4da4
akamai-request-bc: [a=2.20.189.157,b=171827289,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 1f4bb.png
abs.twimg.com/emoji/v2/72x72/ Frame 6607 511 B
651 B 29ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4bb.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E8C) /

Resource Hash

819bc014b47155dcf02f579f114823affaecab4a19d0e0346a280037b5fd1728

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
age: 10132755
x-ton-expected-size: 511
x-cache: HIT
content-length: 511
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8E8C)
etag: "+ARrg/cVsLpXGNxUSpDBGA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9a00014e4717ed5a0d146a399e769880
accept-ranges: bytes
expires: Wed, 08 Dec 2021 01:04:38 GMT

GET
H2 200 6pTktlcL
pbs.twimg.com/card_img/1336000012531032064/ Frame 6607 5 KB
5 KB 130ms
126ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1336000012531032064/6pTktlcL?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4733
x-response-time: 27
last-modified: Mon, 07 Dec 2020 17:27:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 681066c67ae96a870e521ccfe99e20f5
akamai-request-bc: [a=2.20.189.157,b=171827312,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_FL_MIAMI,o=20940]

GET
H2 200 6GF5KFCX
pbs.twimg.com/card_img/1335888240373608448/ Frame 6607 51 KB
51 KB 19ms
15ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888240373608448/6GF5KFCX?format=jpg&name=1200x627

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

82fd32ca1b865a8184024f0f84f05aa06bfa79a27e598d804193becc9b3e22b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 52001
x-response-time: 90
last-modified: Mon, 07 Dec 2020 10:03:50 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 85a6a2616ed662eb0b3e945590ad35d8
akamai-request-bc: [a=2.20.189.157,b=171827314,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 zbKK4M7Y
pbs.twimg.com/card_img/1335888211785211904/ Frame 6607 25 KB
26 KB 31ms
27ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335888211785211904/zbKK4M7Y?format=jpg&name=1200x627

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

4b40447ac6803c7967a6db273bfafcda8e161b7b32f2e2c25e24693e86aae9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 25749
x-response-time: 83
last-modified: Mon, 07 Dec 2020 10:03:43 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0d5311f1ec1ebc30732ba53ee70e0e02
akamai-request-bc: [a=2.20.189.157,b=171827315,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 E-0JHBSN
pbs.twimg.com/card_img/1334579076963528704/ Frame 6607 10 KB
10 KB 17ms
13ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334579076963528704/E-0JHBSN?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 9967
x-response-time: 31
last-modified: Thu, 03 Dec 2020 19:21:41 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4a02dd75fb9392d54a717b3b89af97bf
akamai-request-bc: [a=2.20.189.157,b=171827320,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 1f33b.png
abs.twimg.com/emoji/v2/72x72/ Frame 6607 835 B
978 B 10ms
6ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f33b.png

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA8) /

Resource Hash

cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
age: 18445010
x-ton-expected-size: 835
x-cache: HIT
content-length: 835
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:29 GMT
server: ECAcc (frc/8EA8)
etag: "PMtdmpls9tAhrdseUWTMCw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 266f448d5faec4386f6eecf8f3939db0
accept-ranges: bytes
expires: Wed, 08 Dec 2021 01:04:38 GMT

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame 6607 6 KB
6 KB 18ms
15ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5751
x-response-time: 25
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4ab49bcc22f22bcaa6fcefac39df5b1c
akamai-request-bc: [a=2.20.189.157,b=171827323,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 xLvEW5g3
pbs.twimg.com/card_img/1333907074791710723/ Frame 6607 5 KB
6 KB 18ms
14ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333907074791710723/xLvEW5g3?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5555
x-response-time: 29
last-modified: Tue, 01 Dec 2020 22:51:24 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e06bdfee01f2f1343847237d3652057
akamai-request-bc: [a=2.20.189.157,b=171827326,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 6607 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:48 GMT
Server: ECS (fcn/4195)
Age: 1148466
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 10ms
7ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:48 GMT
Server: ECS (fcn/4195)
Age: 1148466
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 yL2oxjWh_normal.jpg
pbs.twimg.com/profile_images/1260203853540188160/ Frame 6607 2 KB
3 KB 14ms
13ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1260203853540188160/yL2oxjWh_normal.jpg

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

e66e1dc6e3acf767cf93a2e582232e70169db2dd55b107986cdd453831acb347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2263
x-response-time: 20
last-modified: Tue, 12 May 2020 13:41:06 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a02cd301d59f509d43e4f8905271fdf1
akamai-request-bc: [a=2.20.189.157,b=171827296,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 M5sthnel_normal.jpg
pbs.twimg.com/profile_images/1312837190511136769/ Frame 6607 2 KB
2 KB 18ms
17ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1312837190511136769/M5sthnel_normal.jpg

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

32383f2281d2466d1db9c294ec6e4b403e4a309544412405d52effc9bced861f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2035
x-response-time: 17
last-modified: Sun, 04 Oct 2020 19:27:12 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c70c4179e080d26d1dbc2a08af2b399a
akamai-request-bc: [a=2.20.189.157,b=171827298,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 EoqqvuMUUAEQbqU
pbs.twimg.com/media/ Frame 6607 21 KB
21 KB 31ms
30ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EoqqvuMUUAEQbqU?format=jpg&name=360x360

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

6565ac4f2b9d4d98bd12f9a69adcd947b10dbf9143ce63d0e26c681eb459dfda

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 21140
x-response-time: 48
last-modified: Mon, 07 Dec 2020 21:58:03 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e29615fc76c3049fcd25d0a37eb56fde
akamai-request-bc: [a=2.20.189.157,b=171827300,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 EopuzshUcAEsPZ1
pbs.twimg.com/media/ Frame 6607 19 KB
19 KB 30ms
30ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EopuzshUcAEsPZ1?format=jpg&name=360x360

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

ec5eef8293c6aae268347d13da74a7faa0189c1b3b89d6e40cf4b9e6e02c7d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 19229
x-response-time: 42
last-modified: Mon, 07 Dec 2020 17:36:10 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b1e4a45a3f627fc9b9335b0ffe2d8767
akamai-request-bc: [a=2.20.189.157,b=171827304,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 6607 44 KB
7 KB 8ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455839
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 64ae87e129e8b165f1ce1176293cd112
accept-ranges: bytes
expires: Tue, 15 Dec 2020 01:04:38 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 8ms
8ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455839
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 64ae87e129e8b165f1ce1176293cd112
accept-ranges: bytes
expires: Tue, 15 Dec 2020 01:04:38 GMT

GET
DATA 200
OK truncated
/ Frame 6607 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6607 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame 6AB1 0
21 B 164ms
128ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kifa6yyc&chm=1&c=4058487637895219&ctx=2&qqid=COCmz7aYve0CFQmndwod2-EH8g&met.6=6.1_CgsYyAUgSCoECAISAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame CB29 0
21 B 164ms
128ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kifa6z06&chm=1&c=4058487637895219&ctx=2&qqid=CN2mz7aYve0CFQmndwod2-EH8g&met.6=6.1_CgsY2QUgSCoECAISAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iz1ybA8C
pbs.twimg.com/card_img/1335936583334318080/ Frame 6607 6 KB
6 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335936583334318080/iz1ybA8C?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

9d261f76de2248c76f152511e022260bfd959163213ec1b20669fa6671148e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5800
x-response-time: 28
last-modified: Mon, 07 Dec 2020 13:15:56 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12e178cc22f92f2bbe613760d3f60498
akamai-request-bc: [a=2.20.189.157,b=171827585,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame 6607 5 KB
5 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4837
x-response-time: 30
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5a57646b61a010608c0d9656c1ed14cc
akamai-request-bc: [a=2.20.189.157,b=171827614,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame 6607 4 KB
4 KB 7ms
7ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 3649
x-response-time: 29
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0102f11aa12250a0607f91c821cdc3c4
akamai-request-bc: [a=2.20.189.157,b=171827641,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame 6607 6 KB
6 KB 8ms
7ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5813
x-response-time: 30
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d3e1ebd0cc22d2ba04086de702f7256
akamai-request-bc: [a=2.20.189.157,b=171827671,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 8oPHVc2h
pbs.twimg.com/card_img/1336014546478059520/ Frame 6607 8 KB
9 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1336014546478059520/8oPHVc2h?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

977ca6b7906a4d16c6666805396b2163aaddeb6bec49cda925f20b8dec1b56d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 8296
x-response-time: 32
last-modified: Mon, 07 Dec 2020 18:25:44 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b32dbc0df8e7e1addbef9adb09a98d9a
akamai-request-bc: [a=2.20.189.157,b=171827701,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 AJBapCmX
pbs.twimg.com/card_img/1333886245894717442/ Frame 6607 9 KB
9 KB 7ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333886245894717442/AJBapCmX?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 9221
x-response-time: 33
last-modified: Tue, 01 Dec 2020 21:28:38 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b49579200da1ee8b8dfaa21d7b2c4da4
akamai-request-bc: [a=2.20.189.157,b=171827719,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 6pTktlcL
pbs.twimg.com/card_img/1336000012531032064/ Frame 6607 5 KB
5 KB 7ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1336000012531032064/6pTktlcL?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4733
x-response-time: 27
last-modified: Mon, 07 Dec 2020 17:27:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 681066c67ae96a870e521ccfe99e20f5
akamai-request-bc: [a=2.20.189.157,b=171827745,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 3VayvMnm
pbs.twimg.com/card_img/1335946293554769923/ Frame 6607 4 KB
4 KB 7ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1335946293554769923/3VayvMnm?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 3649
x-response-time: 29
last-modified: Mon, 07 Dec 2020 13:54:31 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0102f11aa12250a0607f91c821cdc3c4
akamai-request-bc: [a=2.20.189.157,b=171827761,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H/1.1 200
OK cryptojs.js Show response
bb.itwc.ca/js/ 8 KB
8 KB 99ms
99ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/js/cryptojs.js
Requested by: Host: bb.itwc.ca
URL: https://bb.itwc.ca/js/cube.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 01:04:21 GMT
Last-Modified: Sat, 24 Mar 2018 02:29:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "1fe9-5681f50ed26f8"
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8169

GET
H2 200 un5gslFZ
pbs.twimg.com/card_img/1334276417203277826/ Frame 6607 5 KB
5 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334276417203277826/un5gslFZ?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4837
x-response-time: 30
last-modified: Wed, 02 Dec 2020 23:19:02 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5a57646b61a010608c0d9656c1ed14cc
akamai-request-bc: [a=2.20.189.157,b=171827787,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 YuX3kb7D
pbs.twimg.com/card_img/1334456088666763264/ Frame 6607 6 KB
6 KB 8ms
7ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334456088666763264/YuX3kb7D?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5813
x-response-time: 30
last-modified: Thu, 03 Dec 2020 11:12:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d3e1ebd0cc22d2ba04086de702f7256
akamai-request-bc: [a=2.20.189.157,b=171827816,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 E-0JHBSN
pbs.twimg.com/card_img/1334579076963528704/ Frame 6607 10 KB
10 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334579076963528704/E-0JHBSN?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_b /

Resource Hash

0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 9967
x-response-time: 31
last-modified: Thu, 03 Dec 2020 19:21:41 GMT
server: tsa_b
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4a02dd75fb9392d54a717b3b89af97bf
akamai-request-bc: [a=2.20.189.157,b=171827833,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame 6607 6 KB
6 KB 8ms
8ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5751
x-response-time: 25
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4ab49bcc22f22bcaa6fcefac39df5b1c
akamai-request-bc: [a=2.20.189.157,b=171827859,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 OOoHU7ja
pbs.twimg.com/card_img/1334911109585920003/ Frame 6607 6 KB
6 KB 8ms
8ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1334911109585920003/OOoHU7ja?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5751
x-response-time: 25
last-modified: Fri, 04 Dec 2020 17:21:04 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4ab49bcc22f22bcaa6fcefac39df5b1c
akamai-request-bc: [a=2.20.189.157,b=171827891,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 xLvEW5g3
pbs.twimg.com/card_img/1333907074791710723/ Frame 6607 5 KB
6 KB 8ms
7ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1333907074791710723/xLvEW5g3?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 5555
x-response-time: 29
last-modified: Tue, 01 Dec 2020 22:51:24 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e06bdfee01f2f1343847237d3652057
akamai-request-bc: [a=2.20.189.157,b=171827921,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

OPTIONS
H/1.1 200
OK /
bb.itwc.ca/index.php/api/activity/recordActivity/ Frame 0
0 410ms
105ms Other
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/index.php/api/activity/recordActivity/
Protocol: HTTP/1.1
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/7.1.33
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.itworldcanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 08 Dec 2020 01:04:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Content-Length: 16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c3d6e57cad2e4cd0eba9aa7401fad40b203b7c890e85bd3df97c5a297d74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6614
x-xss-protection: 0

POST
H/1.1 201
Created / Show response
bb.itwc.ca/index.php/api/activity/recordActivity/ 139 B
856 B 113ms
112ms XHR
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://bb.itwc.ca/index.php/api/activity/recordActivity/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.140.127.151 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/7.1.33
Resource Hash: af1da5265575e7348ba304770de518ed7c24dd2f981b6a3dc469107e029fea11

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
Authorization: itwc:1f813bd5f6f34300b1c7734952e4ec42111bb725dfcef0e7d86f97f365f7f37b:1607389478898
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 08 Dec 2020 01:04:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Content-Length: 139
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 40ms
39ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.itworldcanada.com&doc=complete&pg_h=5730&pg_w=1600&pg_hs=5730&c=7&aa_c=0&av_h=967.688&av_w=582.857&av_a=768694.286&s=30&all_s=30&b=417.188&all_b=417.188&d=1.182&all_d=1.182&ard=0.587&all_ard=0.587&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6pTktlcL
pbs.twimg.com/card_img/1336000012531032064/ Frame 6607 5 KB
5 KB 6ms
6ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1336000012531032064/6pTktlcL?format=jpg&name=144x144_2

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, EU),

Reverse DNS

Software

tsa_a /

Resource Hash

a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4733
x-response-time: 27
last-modified: Mon, 07 Dec 2020 17:27:59 GMT
server: tsa_a
date: Tue, 08 Dec 2020 01:04:38 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 681066c67ae96a870e521ccfe99e20f5
akamai-request-bc: [a=2.20.189.157,b=171827953,c=g,n=DE_HE_FRANKFURT,o=20940]

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:04:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B336 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 22:43:44 GMT
expires: Tue, 07 Dec 2021 22:43:44 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8454
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 39ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120301&jk=4058487637895219&bg=!T0ylTGzNAAXKjztBylgtvtt0ae2UvgIAAABOUgAAAAtoAQcKAH0ObTMZ2MTJwceiY7yTNH1itymDmExGmbpcqArMMmu5InpJjLApoH7SYHLPVhG8378x2D1GEPr6VHP6S27p1-_xIR7DNF3wVAeMWZvzRsGRz-j6Gub2GhyCrDUXmNTxMQCBwg6CRvgtLNSb0pgVrk3oFzcKwBxdPJv87kAlkpkB2kFz3x5cKpuCs4RfkTPp2Zm2i1LnUy58fds4n1_cjIXy_TrIOhVOVDgtUim9Hq-k_sZ69bVtn-Yp3irPR7-kGfzXZLxiW3zlWpqAXCTRQZO9Qi3hFiCEZnH6dfeTd7wFhaMq2DmsWnqEePXE0gyNbqcL2yD4YPou8Al0fYGDmTjbkkoY0MX3rgJQ0n2u9I2YdJsXXwdCE62Dml6AZnO6giZrNHWpOe1JviGKS4CdJNpkcCfajkVG6uyzD8BP9tRGWBsLYC2oVDvBi0Xlcyc5geO7sdfIU0Kwg08HH3YXtn_8ykDd6nlP2oFpX213G-B5L-42K8Jw8X3Aib0v_49tC9PE1A1pthwyIXQgZGbCmoV4X6okmcY6OGDPNc0LOjE4JzLiaLexLxazl-pIrE--aPiCTCms3b3oJ88dVFIUrm19BHEaxfiYs2rKF_uyd-auN8ziz9uZB6-ehx70SxOX9Qg5Ha52O2g16LZgBpy1VSm_oz9xztmaNJ2bcuDgVoBlYoCxGaFCEZ7W11Zj0Ts90YUX8PQRJ_PHljpZ1ksMGJ-ucS5_NBrqvWSbj-1q2nXut_cbP_-rAhCjE7eGQf2D6RyvpcLmMM1BMCE69WNyVavxEv8H_SIeQcugWw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6EEC 42 B
71 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv49Ow73CeW2DrM1gM5ccX6PKv-qeT6kl0bVtHusrUZaK7hTF7s0Dy3kGQR2q-wDQ9MEP4Q6iTfCQiTEocRcZ8qx896EtxQV3tNVjJuh4Y&sig=Cg0ArKJSzKC4muHfrcbNEAE&adk=2764879362&tt=-1&bs=1600%2C1200&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&p=489,970,1089,1270&mcvt=1031&rs=3&ht=0&tfs=191&tls=1222&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=90&niot_cbk=104&md=2&btr=0&cpmav=0&lm=2&rst=1607389477798&dlt&rpt=153&isd=0&msd=489&xdi=0&ps=1600%2C5730&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-4-10-10-0-0-0&tvt=1219&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fransomware-update-documents-from-calgary-energy-firm-released%2F439150&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 87D8
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.itworldcanada.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1148465
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Dec 2020 01:04:39 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E6)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 08 Dec 2020 01:04:39 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 08 Dec 2020 01:04:39 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: f4fb9fb55d69d371e5ef03053ea53119
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 125
x-transaction: 004a35f20074b384
x-tsa-request-body-time: 13
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

POST
H3-Q050 204 csi
csi.gstatic.com/ 0
44 B 128ms
128ms Other
image/gif 2607:f8b0:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kifa6ypq&c=4058487637895219&e=21068773%2C21068030%2C21066613%2C21066614&ctx=1&met.9=1.xc~2.17g~3_1.19q~7_1.0~7_2.0~7_3.0~7_4.0~7_5.0~7_6.0~7_7.0~4_1.1dq~5_1.1dv~5_2.1fj~5_3.1fo~5_4.1ft~5_5.1fy~5_6.1g3~5_7.1ga~6_7.1gg~6_1.1li~6_3.1ly~6_4.1lz~6_5.1lz~6_6.1m0~6_2.1nu&met.3=112.1dk_1~298.1iv~298.1iw~298.1j0~298.1j0~298.1j0~298.1j1~298.1j1~155.1ii_l~132.1j7~132.1j8~132.1kr_1~132.1kr~132.1kr~132.1l5_1~132.1l6~132.1l7~132.1l9_1~132.1la~132.1la~132.1lf~132.1lg~132.1lg~132.1lh~132.1li~132.1li~130.1lj~132.1lp~130.1ly~130.1lz~130.1lz~130.1m0~132.1m3~132.1m3~143.1m3_3~132.1md~132.1me~132.1me~132.1me~132.1me~132.1me~132.1me~132.1me~130.1nu~132.1o4~132.1o4~143.1oy_3~129.1q2~143.1rt_3~143.1uo_2~132.1we~129.1xg~143.1xj_4~132.1xp~132.229~132.22a~132.22a~132.22b~132.22d~132.22e~143.232_2~132.23c~132.23d~129.24e~143.25x_3~143.28s_3~130.2ay~130.2ay~130.2ay~130.2ay~130.2ay~130.2ay~130.2az~154.2az~113.2b4_2~129.2bc~143.2bn_2~153.2dr~143.2eh_2~143.2hb_3~129.2ia~143.2k6_3~143.2n1_3~143.2pw_2~143.2sq_2~143.2vl_2~143.2yf_2~143.319_2~143.343_3&met.10=1_7.IMMTEAAIgIcBGICYdSgA~1_6.IMMTEICoRgiAnIMCGICYdSgB~1_4.IMMTEAAI-MkEGICYdSgA~1_2.IMMTEKD-Cgig_goYgJh1KAE~1_5.IMMTEJCyAQj4yQQYgJh1KAE~1_1.IMMTEAAIgNMOGICYdSgA~1_3.IMMTEAAIoP4KGICYdSgA&met.1=1.kifa6xc5~6.0~7.1~8.2z~9.2z~10.bn~11.3b~12.bn~13.jt~14.pd~15.jv~16.1wu~17.1x1~18.1xc~19.2ax~20.2ax~21.2b2~22.18u~23.18u&qqid.1=CNqmz7aYve0CFQmndwod2-EH8g&qqid.2=CNumz7aYve0CFQmndwod2-EH8g&qqid.3=CNymz7aYve0CFQmndwod2-EH8g&qqid.4=CN2mz7aYve0CFQmndwod2-EH8g&qqid.5=CN6mz7aYve0CFQmndwod2-EH8g&qqid.6=CN-mz7aYve0CFQmndwod2-EH8g&qqid.7=COCmz7aYve0CFQmndwod2-EH8g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/article/ransomware-update-documents-from-calgary-energy-firm-released/439150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:04:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itworldcanada.com/	1970-01-20 08:01:01	Name: wpusers Value: MjAyMC0xMi0wOCAwMS4wNC4zOA==
.itworldcanada.com/	1970-01-19 23:51:25	Name: __gads Value: ID=b400a0a2db39d38b-228c8cc45cb90034:T=1607389477:S=ALNI_MY2VLytRhge45SaOiIL1VrfAoGkoQ
.itworldcanada.com/	1970-01-19 14:29:50	Name: __utmt Value: 1
.itworldcanada.com/	1970-01-20 08:01:01	Name: __utma Value: 120853079.900002434.1607389478.1607389478.1607389478.1
.itworldcanada.com/	1970-01-19 18:52:37	Name: __utmz Value: 120853079.1607389478.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.itworldcanada.com/	1970-01-19 14:29:51	Name: __utmb Value: 120853079.1.10.1607389478
.itworldcanada.com/	1969-12-31 23:59:59	Name: __utmc Value: 120853079
www.itworldcanada.com/	1970-01-23 06:05:49	Name: ukw Value: a%3A1%3A%7Bi%3A0%3Bi%3A1607389474%3B%7D

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][setOption] The option "debug" he was assigned to "true"
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][on] A type of event "detected" was added
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][on] A type of event "notDetected" was added
console-api	log	URL: https://www.itworldcanada.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][onload->eventCallback] A check loading is launched
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_creatBait] Bait has been created
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][check] An audit was requested with a loop
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][check] A check is in progress ...
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_stopLoop] A loop has been stopped
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][_destroyBait] Bait has been removed
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][emitEvent] An event with a negative detection was called
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][emitEvent] Call function 1/1
console-api	log	URL: https://www.itworldcanada.com/block/blockadblock.js(Line 57) Message: [BlockAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2154e040b91690e17ba74fabbe681e87.safeframe.googlesyndication.com
abs.twimg.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bb.itwc.ca
c.disquscdn.com
cdn.iubenda.com
cdn.syndication.twimg.com
csi.gstatic.com
disqus.com
hits-i.iubenda.com
i.itworldcanada.com
itworldcanada.disqus.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
s3-us-west-2.amazonaws.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagservices.com
www.itworldcanada.com
www.iubenda.com
104.244.42.136
151.101.12.134
151.101.128.134
216.58.207.34
2600:1480:3000:e5::
2600:9000:206f:1400:3:dffb:fe80:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6812:a813
2607:f8b0:4008:805::2003
2a00:1450:4001:800::2008
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:817::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2003
2a00:1450:400c:c02::9b
46.101.133.82
52.218.225.40
64.140.127.151
64.140.127.168
95.100.80.173
007b02fc04f56cc79fbceb5b51bef20af4f87484855f1e1323bdedd27b687817
0130e4e1051708bb0d8aec1ebdb904334d35180cb2f6f7da306b10b423feec19
0155c8aec6021d07eba9a80bd27f35a093ae8c4fc9a7a7f731b4e5a90a6b5e6a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19716c9959a569a1b7abac4cf9feaf615c6458a70f9f7948a32355a52ca8c585
1cbdc0b15434f8b7f725e35120afddc941835780a24eb713889837af8946b232
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e
2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a
24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2b4385df8034110da0ef5043307dce11777d5e8d86dfb92d56d207f94988bc57
2bafb4e0acfda84da9c417009cca7bba8a132f69cb73911d0a3f95b50a41e7f6
32383f2281d2466d1db9c294ec6e4b403e4a309544412405d52effc9bced861f
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
362eee23121468c42d8586373ce7d2f283984d019575d0e46c8af9aea64d8aec
3e97d7ed6678e4f92cb4285db854f0f3812aa440cb71b4f39a07113aa83058a4
40add3c2d9c5b4bb8c9d5b17d9c507344cb586e1ae825858345d20c4dc5fc4a2
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
435e924da98a1e7860c54be3a06a25265be2a721d08d56972f6b80d6a2b0d324
43e95dfe248505d962c27196c6fb1a8402536aa980bde0eee596dad9d477d4e2
44777ca59800589cd56c476fafe777c8715050535e9e5c7af8dce69a14d65cca
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
47a6e8db27bf98c3ccac74cb36c160b29145406c8ae2b16955f586cc354aa72e
4b40447ac6803c7967a6db273bfafcda8e161b7b32f2e2c25e24693e86aae9b5
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f3e36248ba28189d00f60c7784ae5922d2d2fe31249ee5af56155e3c66685cb
4f8d1c73670970f54f0c7c9f2993ee14a3ef0e1319c91e5d38ea2e91fce572a9
52147fe45e34218aea3b90fc7c43c622ac32d1fc798016f4e2a371c6a36ccd59
53ebaf3b8f10214fb9fe6ecfda2e63cea96eeaa22de76819e748ebb803d1cece
54361f98333885ce45e91df597a9d4488b808568e2e8621d7870e6c1b5ca0a9e
5778b44cba918dfc38ab166b4d6befc29eeeb368e9d7cc1c80179e4919831b79
5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439
5ec358949de628946007f95c47064a064b07271b39e4d26a6b0c27a17b3a0faa
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d
625d35a1428612400e5733f4bcffd02e6342038986110cd475c5b7b638643407
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
63593c3ab30f05decc504035e40c4a222bb373f0060609075dfce34b75e56614
64cefb8cbdf6280b9ba39b0a073d86bba4d2770e9c0d6ff1839e62232a56262a
6565ac4f2b9d4d98bd12f9a69adcd947b10dbf9143ce63d0e26c681eb459dfda
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68ad5c98ff4e533be77307b324e6665b79f6d284975447165572ea1df524a29c
68ff40a10387e560ef22b632a00f0959db1c15ae7176973528e907695aca7f2a
69f13734ed35abbf67d28cfe2429d046ff7a152d678bbef712892d022d41f4b0
6a7c3d6e57cad2e4cd0eba9aa7401fad40b203b7c890e85bd3df97c5a297d74c
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
709399bef8af81cbb6b283d0ac709a1cfe3579938cff3ca9f782da29f3a2f927
75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73
763be30b61a869ec8bc6044b2714bae2a5f2587d6dcd0a371772f9bf3e87ae8d
7bc5bd90530faeb37a831e70db163ac7877ba4c8bea8d0bfba71398eaccf9acb
7e2b459e13b4edcc9195d4170de930b7d9cb0395252b74b7d077cebe6e839bac
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7f5048402ac1b8b949d2069ced9d69ebe5813abed5a544d1b487c8ba47273185
819bc014b47155dcf02f579f114823affaecab4a19d0e0346a280037b5fd1728
82fd32ca1b865a8184024f0f84f05aa06bfa79a27e598d804193becc9b3e22b9
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
91335a026fc4334c5bc86581833e56f2cb0d31a2984e83583236f4a9772f03e3
937171bf8e13eb6101e88c58e044f3318125aae60d388d8e3787717650c0387e
95957960cbd935566a373d81a5e8ba5a27b3bb6ec324682887dc73860c229f02
977ca6b7906a4d16c6666805396b2163aaddeb6bec49cda925f20b8dec1b56d9
97bc6d7d2e33122be7ffaaa19ec6d7a142c5f0e6a3ac7b861910757148498288
9c8ca65b736d8366b5e2557ea7a55022d9284c493875dd9fd08b7e8423ee0282
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
9d261f76de2248c76f152511e022260bfd959163213ec1b20669fa6671148e2c
9d5c9598ba0e6185bb4dea9dadbe8fccd9c524bd992679e90bf993fe74560210
a1c8898d33bf3f16912ed47c3129983b26d904bf43b2216072fdc549376057d7
a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a7d667bec0fa72fd6ff7f349a2915f3c1e7d4acfab2a8630db3857c4f46bd323
a9f2fc4b8fa42caed13503c64f2f322d13cccd5417b94d5f45077d1d421a7edf
af1b24ca9cc3d0edc1489512fefc29a3c3b9a69d59a81ae2b04b167473635463
af1da5265575e7348ba304770de518ed7c24dd2f981b6a3dc469107e029fea11
b4acd2867ac42d216d8dce2ca4fd8e8928f8b7f9419970e8772da7298a516af3
b750ae14cb51a12c4975ceb7bda24d0a97872f67c8458a3dfc894b24701c97d4
b9622281558f1979c053d598121153f63ca28439d6532e5a9241be4c3e1e8409
bc5411929c57859f711fad44490fd37f77674b35daddc719f6cd938a34b93f4b
bf4512e8a7ee4d972499eb80f3f2e02beef0d56236f6cbe339befb5d1671e3b1
c3660b95b7f11ff57aee6fcbecb2bd153481ac38a3d1f37f339f63cf6fdd77d3
c378ee06bbd464704602a25e250f382feda809683cd5c43963b1e6abf30caecb
cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18
d25c8c31f3339bb96ca8a6ebdc9a57dac681b2cfac5f3ed2472787e85866c87b
d410a1e115fd1b1c3adc9db99cbee7a9bb0400af95a190e0e37f18615a244e41
d6f6fb23b04471654e797f823a381300bb8354782187b121a30b644097a790e2
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
ddb7f028e2d7feef307275850a96ab7450bc59ea4f45882bed8f17948d52a219
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df127da678d7ebec429bdf5bb1dd0f2f9ea307b5d7cc9a20e8829f0cfe1e7f9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595
e587a682432b3fe95491b8329c7951e30aeb0ea5a5aa5c6e5bfe56157170ee56
e66e1dc6e3acf767cf93a2e582232e70169db2dd55b107986cdd453831acb347
e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199
ec5eef8293c6aae268347d13da74a7faa0189c1b3b89d6e40cf4b9e6e02c7d1f
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f07242a796179a5a0fbb8d23b885f4f6f7b5b74190ed7e1bbb8dc4f31d4ea296
f09dff45392cb4466fbc2a7891720f65f495b7a5eb2745feef43607f42eb0dad
f10aeefb066161f38dadd2ed1267852072f9fc1c7a50971b8bf25d4bf8851d84
f1d749ec752d0bf5719ee501fd4c0fda01b71ed35ffc72dc72e1b07d87209544
f27fd72064f1da6a5ce24630f51640e4e48a87a0acebd9c8b6d046d86f9f24c6
f435abe2604c557329c7e76902801a0ae943edf6be11fed8c5550f13ed6e07e8
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f8df44b1e4f8ad283e77835a377d6dd6073a08e92297a69690a641968177f01b
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f9ddba7253d1097099639398e08133ef6c647bef45df95bc6952274f6c64d15c

www.itworldcanada.com Open in urlscan Pro 64.140.127.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

181 Requests

100 %HTTPS

67 %IPv6

16 Domains

29 Subdomains

26 IPs

5 Countries

2952 kBTransfer

5268 kBSize

8 Cookies

26 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

29
Subdomains

26
IPs

5
Countries

2952 kB
Transfer

5268 kB
Size

8
Cookies

181 HTTP transactions
15 data transactions