www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::666 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
Submission Tags: falconsandbox
Submission: On April 19 via api (April 19th 2021, 5:11:38 pm UTC) from US

Summary HTTP 39 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 39 HTTP transactions. The main IP is 2a04:4e42:1b::666, located in United States and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a04:4e42:1b:... 2a04:4e42:1b::666	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:fb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.202.41.184 34.202.41.184	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.65.188 151.101.65.188	54113 (FASTLY) (FASTLY)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	13.33.139.107 13.33.139.107	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
39	13

14 2a04:4e42:1b::666 (United States)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmg1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:fb9 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.41.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-41-184.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.139.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-107.cph50.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:192::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

686eb704.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	zdnet.com www.zdnet.com	536 KB
6	cookielaw.org cdn.cookielaw.org	109 KB
4	myfinance.com static.myfinance.com www.myfinance.com	56 KB
3	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net	127 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	120 KB
2	cbsi.com at.cbsi.com	4 KB
2	myfidevs.io a.myfidevs.io	166 B
2	go-mpulse.net c.go-mpulse.net	51 KB
1	akstat.io 686eb704.akstat.io	354 B
1	cohesionapps.com cdn.cohesionapps.com	18 KB
1	onetrust.com geolocation.onetrust.com	520 B
1	cbsistatic.com cmg1.cbsistatic.com	36 KB
39	12

	Domain	Requested by
13	www.zdnet.com	www.zdnet.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
3	confiant-integrations.global.ssl.fastly.net	www.zdnet.com confiant-integrations.global.ssl.fastly.net
2	securepubads.g.doubleclick.net	www.zdnet.com securepubads.g.doubleclick.net
2	at.cbsi.com	www.zdnet.com
2	www.myfinance.com	static.myfinance.com
2	a.myfidevs.io	static.myfinance.com
2	static.myfinance.com	www.zdnet.com
2	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
1	686eb704.akstat.io	c.go-mpulse.net
1	ad.doubleclick.net	www.zdnet.com
1	cdn.cohesionapps.com	www.zdnet.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cmg1.cbsistatic.com	www.zdnet.com
39	14

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
lmntrix.com
www.techproresearch.com
www.cnet.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
narratives.zdnet.com
privacyportal.onetrust.com
cbsi.secure.force.com
academy.zdnet.com
onetrust.com

Subject Issuer	Validity	Valid
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.cbsistatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-22` - `2022-01-25`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.myfidevs.io Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
cdn.cohesionapps.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
Frame ID: 8070A280F1B255C9049DFDC1D0A1F533
Requests: 41 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 11128C4BC2F6FBC8A2461FE8BE0643E3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

39
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

1058 kB
Transfer

3592 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://lmntrix.com/Lab/Lab_info.php?id=112
Title: have found

Search URL Search Domain Scan URL

URL: http://www.techproresearch.com/downloads/cybersecurity-strategy-research-common-tactics-issues-with-implementation-and-effectiveness/
Title: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/wannacry-notpetya-ransomware-hackers-2017-less-popular-malwarebytes/
Title: not being as popular as it was last year

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/enterprises-can-avoid-ransom-payments-when-they-have-solid-data-backup-plans/
Title: Avoid ransomware payments by establishing a solid data backup plan

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/atlanta-ransomware-attack-hit-mission-critical-systems/
Title: Atlanta ransomware attack hit 'mission critical' systems

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/ 542 KB
152 KB 2423ms
2403ms Document
text/html 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b7f41d93dc10b5edd9423e4326cb1b0da472f759dbc1990f182371be62ebd7cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 07201673-65f1-4543-b658-c6d0cc4191d8
x-xss-protection: 1; mode=block
set-cookie: nemo_highlander=critical_css:2:c; expires=Thu, 22-Apr-2021 14:00:00 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
date: Mon, 19 Apr 2021 17:11:20 GMT
via: 1.1 varnish
cache-control: max-age=5400, private
expires: Mon, 19 Apr 2021 18:41:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-length: 154466

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 43ms
23ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JAEaYPmlzGBPWdORjSAaYw==
age: 238
vary: Accept-Encoding
content-length: 5617
cf-request-id: 098cb692260000d6d15f185000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:23 GMT
server: cloudflare
etag: 0x8D8F2581726E85D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0c6caa1d-301e-00dd-7e1e-278b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c0636cd8d6d1-FRA

GET
H2 200 optanon-v1.1.0.js Show response
cmg1.cbsistatic.com/privacy/optanon/ 36 KB
36 KB 27ms
10ms Script
text/javascript 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cmg1.cbsistatic.com/privacy/optanon/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Nov 2020 17:51:25 GMT
server: ContentServer
age: 2224931
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=604800
x-content-type-options: nosniff
strict-transport-security: max-age=900
accept-ranges: bytes
content-length: 36582
x-xss-protection: 1; mode=block
expires: Thu, 21 Jan 2021 07:58:02 GMT

GET
H2 200 uncritical.css
www.zdnet.com/a/fly/css/core/ 326 KB
55 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/core/uncritical.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7494d0499f9743fae987fc2acb871cd7f7b84c4a5543b1be9827d5ae973cac95

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/css/core/uncritical.css
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 56514
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 09:38:03 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "468a5ec957a517ba38d18ea753d21a49"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Apr 2021 09:49:46 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 1112 205 KB
50 KB 41ms
9ms Script
application/javascript 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:11:20 GMT
Content-Encoding: br
Last-Modified: Mon, 08 Mar 2021 16:42:04 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 dp-zdnet-headshot-feb-20201.jpg
www.zdnet.com/a/hub/i/r/2020/02/06/6f24b751-729c-4ed9-9fae-979667f1d3b3/thumbnail/40x40/85b0ebe5a0348cdc66d105b991ab3a53/ 822 B
915 B 19ms
8ms Image
image/jpeg 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/hub/i/r/2020/02/06/6f24b751-729c-4ed9-9fae-979667f1d3b3/thumbnail/40x40/85b0ebe5a0348cdc66d105b991ab3a53/dp-zdnet-headshot-feb-20201.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e4b830539c7c1da552be847860876d573320cc555d62bd7b4b638d7809543b56

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/hub/i/r/2020/02/06/6f24b751-729c-4ed9-9fae-979667f1d3b3/thumbnail/40x40/85b0ebe5a0348cdc66d105b991ab3a53/dp-zdnet-headshot-feb-20201.jpg
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 776
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 19:21:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"63a8dcb8bf0191a749d96db8e724814f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
via: 1.1 varnish
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Jun 2021 06:10:31 GMT

GET
H2 200 5b3b428460b200b219dec555-1280x7201jul032018104933poster.jpg
www.zdnet.com/a/hub/i/r/2018/07/03/a67d17c4-180c-400d-96c3-9553656fb269/thumbnail/570x322/fb3bb0e290ceaa12b75d14394d4f4106/ 14 KB
15 KB 20ms
11ms Image
image/jpeg 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/hub/i/r/2018/07/03/a67d17c4-180c-400d-96c3-9553656fb269/thumbnail/570x322/fb3bb0e290ceaa12b75d14394d4f4106/5b3b428460b200b219dec555-1280x7201jul032018104933poster.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af2dc09d58e1c26ff325d6e74aadb7df0eec7a76175f699856a985b59e8bcb6d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/hub/i/r/2018/07/03/a67d17c4-180c-400d-96c3-9553656fb269/thumbnail/570x322/fb3bb0e290ceaa12b75d14394d4f4106/5b3b428460b200b219dec555-1280x7201jul032018104933poster.jpg
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 14731
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Sep 2020 23:37:43 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"488399be6a3ddfe6e2a8156b50c2b84e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
via: 1.1 varnish
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 May 2021 23:21:31 GMT

GET
H2 200 medusa-adv.js Show response
www.zdnet.com/a/fly/bundles/zdnetjs/js/utils/ 537 B
473 B 21ms
12ms Script
application/javascript 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetjs/js/utils/medusa-adv.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

193912cd0d3b49f497bde819b8ffec467e546934e73fe980544fa3f2a59a1a01

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/bundles/zdnetjs/js/utils/medusa-adv.js
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 335
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 20:26:44 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2b9638b904368f3bb0c4d12c61d7607d"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 07:22:59 GMT

GET
H2 200 malware-upload-jpg.jpg
www.zdnet.com/a/hub/i/r/2015/08/03/e4620246-6146-4c72-b707-a08c919e7c1e/resize/220x165/c60914c57805d5870c370d626dfdd286/ 19 KB
16 KB 13ms
12ms Image
image/jpeg 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/hub/i/r/2015/08/03/e4620246-6146-4c72-b707-a08c919e7c1e/resize/220x165/c60914c57805d5870c370d626dfdd286/malware-upload-jpg.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3f673411e4617d53fd324e15c060927e71ec9e5db5013535efe6b1c9236c13fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/hub/i/r/2015/08/03/e4620246-6146-4c72-b707-a08c919e7c1e/resize/220x165/c60914c57805d5870c370d626dfdd286/malware-upload-jpg.jpg
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 16514
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Sep 2020 23:45:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"b5703024c620708cc851317c85a15adc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
via: 1.1 varnish
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 May 2021 09:33:38 GMT

GET
H2 200 require-2.1.2.js Show response
www.zdnet.com/a/fly/js/libs/ 16 KB
6 KB 15ms
8ms Script
application/javascript 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/js/libs/require-2.1.2.js
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 20:26:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e921115a1eb49ccddea7411babc40494"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 08:23:59 GMT

GET
H2 200 mag-white01.png
www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 15ms
9ms Image
image/png 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/1618332683-asset/bundles/zdnetcss/images/core/mag-white01.png
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
via: 1.1 varnish
x-content-type-options: nosniff
vary: Accept-Encoding, Accept
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Apr 2021 15:40:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 16:45:49 GMT

GET
H2 200 Semibold.woff2
www.zdnet.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 12ms
10ms Font
application/octet-stream 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://www.zdnet.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
:path: /bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.zdnet.com
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
via: 1.1 varnish
last-modified: Tue, 30 Mar 2021 19:25:08 GMT
etag: "60637b14-4f78"
vary: Accept-Encoding, User-Agent
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
timing-allow-origin: *
content-length: 20344
expires: Thu, 31 Mar 2022 14:01:33 GMT

GET
H2 200 Regular.woff2
www.zdnet.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 11ms
9ms Font
application/octet-stream 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://www.zdnet.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
:path: /bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.zdnet.com
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:20 GMT
via: 1.1 varnish
last-modified: Thu, 25 Mar 2021 18:20:10 GMT
etag: "605cd45a-4f20"
vary: Accept-Encoding, User-Agent
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
timing-allow-origin: *
content-length: 20256
expires: Tue, 29 Mar 2022 14:15:44 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 32ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OEOyq06PFOqP2wdlgJHyA==
age: 6211
vary: Accept-Encoding
content-length: 1219
cf-request-id: 098cb692a700004a689124d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:56 GMT
server: cloudflare
etag: 0x8D87C42F9703542
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 717d6a01-601e-00a8-611b-d40cf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c0643ee74a68-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
520 B 47ms
30ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6427c064ecde4ab5-FRA
cf-request-id: 098cb6931300004ab58a07f000000001

GET
H2 200 myFinance.js Show response
static.myfinance.com/widget/ 173 KB
53 KB 81ms
52ms Script
application/javascript 2606:4700:20::681a:fb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9cf67bd1586cb531ce43f1b859cc24ce1fb41d7e932ab1a9dd42edca2cad84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 118
strict-transport-security: max-age=15552000
x-amz-request-id: TD9SJ72M4GGWQDW2
x-amz-id-2: /XMKQShQB7RB4x2wjvIPGVdp8VSVwfwDHREb1fOUQJFDjKbYbz7ruG0Dpzvh0iDyCKC8FN85B3g=
last-modified: Fri, 09 Apr 2021 17:41:01 GMT
server: cloudflare
etag: W/"8da2f919947e2a89e12268635f90b80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DhPRKSmekE7GDn7UVo4AKZ1xlOhJdAu640ec%2F%2F%2F87LD5P%2Fq32iI%2BMpTQx0v%2Ff6G0C57FxAGRgQwDc988pxpQKBd3qo4PDHoUjxAMLxuqkjEwS0VmsIUWihIobBr9sW2uGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 098cb6931e0000324045b6d000000001
cf-ray: 6427c064f9953240-FRA

GET
H2 200 myFinance.css
static.myfinance.com/widget/ 4 KB
2 KB 46ms
17ms Stylesheet
text/css 2606:4700:20::681a:fb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

431817fa21d4c16dc23ff06237191f5c72b9f960d6f3231f7898be40c34cdd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7012
strict-transport-security: max-age=15552000
x-amz-request-id: AJ8HFSER7TEZ4N0Y
x-amz-id-2: lbV+umHFklSbFl2EIVQeGkpVrCWP+OYSRCEJXV6ufKAPMP1ien8Kav5Nw4JcsocQaO2Hd1I7/Xo=
last-modified: Mon, 27 Jan 2020 15:45:18 GMT
server: cloudflare
etag: W/"343cb2ab0257e64730be244a8662b4f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jXn3ElGvrNGobb2YUqHDl21itn2U%2BQgZd%2BG8LYEw0onzv3D%2BRUp1kMusWVRi3iyhEaIZBxc5qWqIpcjrTeeO6J5dB0HloDYn5M6MSctyVPtAikPh9hZQboexp6Ipugh7dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-request-id: 098cb6931d00003240b6b1b000000001
cf-ray: 6427c064f9923240-FRA

GET
H2 200 ring-animated.svg
www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/video/ 704 B
841 B 8ms
7ms Image
image/svg+xml 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/video/ring-animated.svg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/uncritical.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/1618332683-asset/bundles/zdnetcss/images/video/ring-animated.svg
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/a/fly/css/core/uncritical.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/a/fly/css/core/uncritical.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
via: 1.1 varnish
x-content-type-options: nosniff
vary: Accept-Encoding, Accept
content-length: 704
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Apr 2021 16:54:48 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5f87ac7f571b5a0b1cdc101b49cdc8de"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 16:55:43 GMT

GET
H2 200 logo.png
www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 7ms
7ms Image
image/png 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1618332683-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/uncritical.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/1618332683-asset/bundles/zdnetcss/images/core/logo.png
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zdnet.com
referer: https://www.zdnet.com/a/fly/css/core/uncritical.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/a/fly/css/core/uncritical.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
via: 1.1 varnish
x-content-type-options: nosniff
vary: Accept-Encoding, Accept
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Apr 2021 15:40:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 16:26:42 GMT

GET
H2 200 main.default.js Show response
www.zdnet.com/a/fly/d0ea4f-fly/js/ 812 KB
244 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/d0ea4f-fly/js/main.default.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0af3af3de26b4ee89d8d0beb03ba6b857bcad8a76236769428b4a78ad0ef7461

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /a/fly/d0ea4f-fly/js/main.default.js
pragma: no-cache
cookie: nemo_highlander=critical_css:2:c; fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zdnet.com
referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding, Accept
content-length: 249236
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Apr 2021 15:35:03 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f547079f0e37b32758726c1fb550887b"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Apr 2021 15:36:15 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.7.0/ 338 KB
72 KB 14ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 39GJ8QXxSjBaTmaIgt+tLg==
age: 6658
vary: Accept-Encoding
content-length: 73268
cf-request-id: 098cb693470000d6d1923a4000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:45 GMT
server: cloudflare
etag: 0x8D86C1D8DA49AF8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80f44d55-601e-002b-3e3a-04ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c0653870d6d1-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 1112 2 KB
1 KB 57ms
40ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5396174&v=1.720.0&if=&sl=0&si=39905026-c06a-46f4-b340-066d00be53c3-qrtmeu&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 317b0b99170ba5f3340c4809dd8bd02aaedf2acf2bfea49dd82b7ae5cb4978f6

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:11:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 792

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 340ms
114ms Preflight 34.202.41.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Server: 34.202.41.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-41-184.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.7.4.post0

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 152ms
152ms XHR
text/plain 34.202.41.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: static.myfinance.com
URL: https://static.myfinance.com/widget/myFinance.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.41.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-41-184.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Apr 2021 17:11:21 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H2 200 v1.5 Show response
www.myfinance.com/api/au/ 1 KB
1 KB 329ms
328ms XHR
application/json 2606:4700:20::681a:fb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?mf_referrer=https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Requested by

Host: static.myfinance.com
URL: https://static.myfinance.com/widget/myFinance.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dabc1e2b45f09c74d35f9779078e5fc7dd75cc05e67956fee758889511855391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/json
vary: Accept, Accept-Language, Origin, Cookie
cf-request-id: 098cb6942c000005b373870000000001
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QwQjXtjR72ODjYlKlkNQzwrWE3auG%2FBboB95yVKBwZpSntfpxol4TWSh3TFRBtJSbCIWKCV17ZL6jBtFJC6xV1QYfixg%2BP5re2tA%2BFx87yT4CwOh77R6pyoeHxwIYA%3D%3D"}]}
content-language: en-us
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6427c066a93805b3-FRA
expires: Mon, 19 Apr 2021 17:11:21 GMT

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 158ms
128ms Preflight
text/html 2606:4700:20::681a:fb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?mf_referrer=https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Server

2606:4700:20::681a:fb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-type: text/html; charset=utf-8
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-request-id: 098cb693a2000005b331aa8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qWSb2Z1eO5aDkV9rxB7oi%2FFPiN67EcATJEikTExU3unZqzxYCqFkmMnMqDAhWmxAointePJNbP9dHlXpUzDSUIXkRE2Rt%2B7ZBO4DH%2FQxauWKcH2gvbpztG4hpRuNzA%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6427c065cf2a05b3-FRA
content-encoding: br

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/ 60 KB
14 KB 25ms
25ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zmR4HzWDnD/K8NKWX2k29A==
age: 4774
vary: Accept-Encoding
content-length: 14179
cf-request-id: 098cb6939800004a68849f3000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:59 GMT
server: cloudflare
etag: 0x8D87C42FB4B3E93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49f866d8-c01e-0144-5e0a-b442df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c065cb3d4a68-FRA

OPTIONS
H2 200 diff
at.cbsi.com/lib/api/v1/zdnet/prod/config/ Frame 0
0 194ms
150ms Preflight
text/html 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Protocol

Server

151.101.65.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: 0c38a8649442549ad9aecddc90505c47
server: Google Frontend
accept-ranges: bytes
date: Mon, 19 Apr 2021 17:11:21 GMT
via: 1.1 varnish
x-served-by: cache-ams21040-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1618852281.370979,VS0,VE129
vary: Accept-Encoding, Origin
x-abtest: none
strict-transport-security: max-age=300
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 155 KB
36 KB 287ms
21ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/d0ea4f-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7474fcafa32829b033a2a713fc4eebaa0061dba59a84c4860f1c2cf6c3158eb0

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:11:21 GMT
Content-Encoding: gzip
Age: 727
X-Cache: HIT
Connection: keep-alive
Content-Length: 36216
x-amz-id-2: FuUmSqNkhGjS3Sf3DNz0Oxqxbc49wVZcTcZ3ybg6hQN42veM2vTpoWYbib/OvkPd7U1vWNkKJwc=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Mon, 19 Apr 2021 16:51:05 GMT
Server: AmazonS3
X-Timer: S1618852282.557702,VS0,VE0
ETag: "0ec455daad7289241c4e3ae8827e60a0"
x-amz-request-id: ZB1WDE63V10AYN8Y
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 54

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 22 KB
4 KB 23ms
21ms Fetch
application/json 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/d0ea4f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

78261500cc1726b63c6da90d804138cc18e644c47b03c5fcf047084ac5c75c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: qmiBIvHvH
Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
version: v2.22.3
variant: core
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-abtest: none
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 4360
x-xss-protection: 1; mode=block
x-served-by: cache-ams21040-AMS
access-control-allow-origin: *
server: Google Frontend
x-timer: S1618852282.524001,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/c8b4d241d3ea38db32b70892d116569f2f9999df
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 544e10745161f8128089f7285cdbf7d9
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 87ms
30ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/d0ea4f-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8c27d38cb386f45d320fee3176cfcdb0457053bca21bc96104e02d3b0275cfe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "847 / 859 of 1000 / last-modified: 1618843586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21083
x-xss-protection: 0
expires: Mon, 19 Apr 2021 17:11:21 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/ 12 KB
4 KB 15ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6g5s6eICehvPXWb9nycIcQ==
age: 184
vary: Accept-Encoding
content-length: 3328
cf-request-id: 098cb6941400004a686305f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:38 GMT
server: cloudflare
etag: 0x8D86C1D890DBAF3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6f0ee0a3-601e-0046-6d17-b30670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c0668d494a68-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/ 45 KB
11 KB 37ms
36ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VdPW9mUL+ZgJ7oO59gDKyw==
age: 202
vary: Accept-Encoding
content-length: 11094
cf-request-id: 098cb6941400004a68c128f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:40 GMT
server: cloudflare
etag: 0x8D86C1D8A75F320
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8f590607-301e-015a-26e5-2b9832000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6427c0668d4c4a68-FRA

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 64 KB
18 KB 142ms
46ms Script
application/javascript 13.33.139.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-107.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6eec3d1bb7840b90a12773450973e667da9aa73a56aba2696af335c8cfa69ad

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b22fcba0e29d171d5dfd9d7a13eae16a"
last-modified: Thu, 08 Apr 2021 12:08:07 GMT
server: AmazonS3
age: 48928
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4b9325465b369de0e96cbaa528af33e0.cloudfront.net (CloudFront)
date: Mon, 19 Apr 2021 03:35:54 GMT
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: VIuMY1Y9RqrKcJ2x36dL15zlc04brrgdVFfyjJyEBCLz3KIiFWR5iA==

GET
H2 200 ;ord=1618852281487
ad.doubleclick.net/ddm/ad/pfobuxpuzb/ 43 B
632 B 92ms
32ms Image
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/pfobuxpuzb/;ord=1618852281487?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 17:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ 299 KB
105 KB 33ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 17:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Mon, 19 Apr 2021 17:11:21 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202104121324/ 191 KB
58 KB 21ms
20ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 158d7c3c8d931a587c66b7947fdc4a9e9c741dade62fff14a88430482835c4a2

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:11:21 GMT
Content-Encoding: gzip
Age: 137
X-Cache: HIT
Connection: keep-alive
Content-Length: 58345
x-amz-id-2: 908L94XXz/NPt0KLX41VlOO4giUVLlYahLMwy6e+tsmEe3jKW4sfJCS/beaVT8/z3WqIaUhxItI=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Mon, 12 Apr 2021 17:25:04 GMT
Server: AmazonS3
X-Timer: S1618852282.770578,VS0,VE0
ETag: "433db6c7dd2773cf1cb7be08520ec08b"
x-amz-request-id: 5FMZFTNP4W280YTR
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 161

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202101191641/ 79 KB
27 KB 56ms
20ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202101191641/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2d8bac091e29c39bb1b5995e3f5abf35d0331050a857cd3deb2cb2826d566a1

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:11:21 GMT
Content-Encoding: gzip
Age: 298
X-Cache: HIT
Connection: keep-alive
Content-Length: 26593
x-amz-id-2: wC6kFOAPbaebhfMFD+nb5jor1u3x38MdiR+B7P4rhSv4P0gQEuPJk5Mcn4OyKF6ZxHwDsbKu+qY=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Tue, 19 Jan 2021 21:59:32 GMT
Server: AmazonS3
X-Timer: S1618852282.806280,VS0,VE0
ETag: "1574083588e7972c691e251d9d319ee9"
x-amz-request-id: 3JP3QZS58QV1RGJM
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 18

POST
H/1.1 204
No Content /
686eb704.akstat.io/ 0
354 B 51ms
32ms Ping
image/gif 2a02:26f0:7100:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb704.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:192::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 19 Apr 2021 17:11:22 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 19 Apr 2021 17:11:22 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/(Line 386) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/(Line 96) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/(Line 96) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/(Line 244) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_sourcepoint with class optanon-category-4
console-api	log	URL: https://www.zdnet.com/article/shrug-ransomware-victim-heres-how-to-retrieve-your-locked-files-for-free/(Line 244) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_cohesion with class optanon-category-2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

686eb704.akstat.io
a.myfidevs.io
ad.doubleclick.net
at.cbsi.com
c.go-mpulse.net
cdn.cohesionapps.com
cdn.cookielaw.org
cmg1.cbsistatic.com
confiant-integrations.global.ssl.fastly.net
geolocation.onetrust.com
securepubads.g.doubleclick.net
static.myfinance.com
www.myfinance.com
www.zdnet.com
13.33.139.107
142.250.186.102
142.250.186.98
151.101.113.194
151.101.65.188
2606:4700:10::6814:b844
2606:4700:20::681a:fb9
2606:4700::6810:9540
2a02:26f0:6c00:1b8::11a6
2a02:26f0:7100:192::11a6
2a04:4e42:1b::666
34.202.41.184
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af3af3de26b4ee89d8d0beb03ba6b857bcad8a76236769428b4a78ad0ef7461
158d7c3c8d931a587c66b7947fdc4a9e9c741dade62fff14a88430482835c4a2
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
193912cd0d3b49f497bde819b8ffec467e546934e73fe980544fa3f2a59a1a01
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
317b0b99170ba5f3340c4809dd8bd02aaedf2acf2bfea49dd82b7ae5cb4978f6
3f673411e4617d53fd324e15c060927e71ec9e5db5013535efe6b1c9236c13fa
431817fa21d4c16dc23ff06237191f5c72b9f960d6f3231f7898be40c34cdd2b
5a9cf67bd1586cb531ce43f1b859cc24ce1fb41d7e932ab1a9dd42edca2cad84
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
7474fcafa32829b033a2a713fc4eebaa0061dba59a84c4860f1c2cf6c3158eb0
7494d0499f9743fae987fc2acb871cd7f7b84c4a5543b1be9827d5ae973cac95
78261500cc1726b63c6da90d804138cc18e644c47b03c5fcf047084ac5c75c16
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
8c27d38cb386f45d320fee3176cfcdb0457053bca21bc96104e02d3b0275cfe8
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
af2dc09d58e1c26ff325d6e74aadb7df0eec7a76175f699856a985b59e8bcb6d
b7f41d93dc10b5edd9423e4326cb1b0da472f759dbc1990f182371be62ebd7cb
c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
d2d8bac091e29c39bb1b5995e3f5abf35d0331050a857cd3deb2cb2826d566a1
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
dabc1e2b45f09c74d35f9779078e5fc7dd75cc05e67956fee758889511855391
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b830539c7c1da552be847860876d573320cc555d62bd7b4b638d7809543b56
e6eec3d1bb7840b90a12773450973e667da9aa73a56aba2696af335c8cfa69ad
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::666 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

50 %IPv6

12 Domains

14 Subdomains

13 IPs

2 Countries

1058 kBTransfer

3592 kBSize

0 Cookies

23 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::666 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

1058 kB
Transfer

3592 kB
Size

0
Cookies

39 HTTP transactions
7 data transactions